Saturday, October 23, 2021

How employees help hackers


Non-obvious rules of digital hygiene.

Material prepared with Microsoft support

Even companies with well-protected infrastructure are at risk of cyber attacks. Many problems arise from employee mistakes when handling corporate messages, social networks, and user accounts. Here is how to avoid those mistakes.

Using instant messengers to store corporate information

Employees who conduct business correspondence and share work documents on social networks are at greater risk of falling victim to criminals. In that situation it is almost impossible to control information leaks or account compromise.

Using corporate channels in instant messengers is relatively safe: the information stays under the organization's control and does not leave its boundaries. This does not guarantee security, but it lets the organization keep control of important data.

Some employees copy the contents of work documents into a chat with themselves to read later. Once material leaves the company's control, it may end up in the hands of fraudsters. If a social network account is hacked, the attackers also gain access to the corporate information in it, and the account owner may become a target of blackmail.

The main way to protect against such incidents is to use internal corporate platforms for communication.

Microsoft has developed Teams, a secure workspace in which you can create project teams, share ideas, edit documents, and hold videoconferences.

Constantly changing passwords

In some companies, management forces staff to change passwords regularly. Such measures can be harmful.

To avoid inventing a new combination every time and getting confused, employees usually just append a digit to the old password. This pattern lets a hacker guess the account simply by changing the old "password" to the predictable "password1".

It is best to use complex, unique passwords for each service, without forced expiration.
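One defensive counterpart to the "password" to "password1" pattern described above is a change-time check that rejects a new password that is only a trivial variation of the old one. This is an added example, not code from the article or from Microsoft; the heuristics (appended digits or symbols, common letter-for-digit substitutions, reversal, high string similarity) and the 0.8 similarity threshold are the author's assumptions.

```python
import re
from difflib import SequenceMatcher

# Common letter-for-digit/symbol substitutions ("p4ssw0rd" -> "password").
_LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                       "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def _core(pw: str) -> str:
    """Lower-case, strip leading/trailing digits and symbols, then undo leet spelling.

    The stripping runs first so that a trailing "1" is dropped as a counter
    rather than being rewritten as the letter "i".
    """
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", pw.lower())
    return stripped.translate(_LEET)


def is_trivial_variation(old: str, new: str, threshold: float = 0.8) -> bool:
    """Return True if `new` is a predictable edit of `old`.

    Intended for the password-change handler, where the user supplies the old
    password in plaintext; it does not require storing password history in clear.
    """
    old_l, new_l = old.lower(), new.lower()
    if new_l == old_l or new_l == old_l[::-1]:
        return True                                   # identical or reversed
    if _core(old) and _core(old) == _core(new):
        return True                                   # same core: "Summer2021!" -> "Summer2022!"
    if new_l.startswith(old_l) or old_l.startswith(new_l):
        return True                                   # old password with a suffix bolted on
    # Fallback: overall similarity of the two strings (threshold is an assumption).
    return SequenceMatcher(None, old_l, new_l).ratio() >= threshold
```

Reject the change when the function returns True and ask for a genuinely new password; the similarity threshold should be tuned against your own policy rather than taken as given.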

We are at the stage of transforming the entire digital community, and we are gradually moving toward completely abandoning passwords. But for now we cannot do without them, if only because we sometimes work on other people's computers.

Mikhail Fedorov

Microsoft technology specialist in Russia

The Windows Hello platform offers an alternative sign-in method using biometrics (fingerprint, facial recognition, palm vein pattern scanning) or a PIN code tied to the device.

This way you can unlock devices and sign in to websites and apps. Tinkoff and Sberbank, for example, offer to connect Windows Hello to simplify signing in to their mobile banking applications.

Clicking on suspicious links

Phishing is one of the most common forms of cyber attack on small and medium businesses. According to Microsoft's 2018 report, the average monthly share of phishing emails increased almost three-fold (from 0.14% to 0.49% per month on average).

Many mail services have built-in mechanisms that check every link the recipient receives. But they analyze the link only once.

For an email to bypass the spam filter, it is enough that the link is unavailable at scan time or points to a harmless site.

Some time later, the hackers change where the link points, sending the user to another site that attempts to exploit browser vulnerabilities and steal user data.

Office 365 Advanced Threat Protection can route suspicious links through a cloud filter and open attachments in an isolated sandbox, or detonation chamber: an artificial digital environment in which a potentially dangerous file is placed and its behaviour analysed.
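The scan-once weakness described above, beside the click-time re-check that a cloud link filter uses to close it, as an added Python illustration (not Microsoft's code). The wrapper host links-check.example.test, the sample email, and the reputation blocklist are constructed; an empty blocklist at scan time models a link that is dead or harmless when the mail is scanned.

```python
import re
from urllib.parse import parse_qs, quote, urlparse

# Hypothetical click-time checking endpoint (an assumption, not a real service).
WRAPPER_HOST = "links-check.example.test"
WRAPPER = f"https://{WRAPPER_HOST}/redirect?u="
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def scan_once(body: str, blocklist: set) -> str:
    """Traditional filter: the verdict is fixed once, at delivery time."""
    urls = URL_RE.findall(body)
    return "quarantine" if any(u in blocklist for u in urls) else "deliver"


def rewrite_links(body: str) -> str:
    """Replace every link with a wrapped one so each click is re-evaluated."""
    return URL_RE.sub(lambda m: WRAPPER + quote(m.group(0), safe=""), body)


def resolve_click(wrapped: str, blocklist: set) -> tuple:
    """Called when the user clicks: unwrap and check the *current* reputation."""
    parsed = urlparse(wrapped)
    if parsed.netloc != WRAPPER_HOST:
        raise ValueError("not a wrapped link")
    original = parse_qs(parsed.query)["u"][0]   # parse_qs percent-decodes the value
    return ("block" if original in blocklist else "allow", original)


def simulate() -> dict:
    """Replay the scenario: clean at scan time, malicious by the time of the click."""
    email = "Your invoice is ready: http://promo-example.test/offer (constructed sample)"
    blocklist = set()                              # scan time: nothing known about the link
    scan_verdict = scan_once(email, blocklist)     # scan-once filter lets the mail through
    delivered = rewrite_links(email)               # click-time filter delivers wrapped links
    blocklist.add("http://promo-example.test/offer")   # later: destination is now flagged
    wrapped = URL_RE.search(delivered).group(0)
    click_verdict, _ = resolve_click(wrapped, blocklist)
    return {"scan_time": scan_verdict, "click_time": click_verdict}
```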

Using autocomplete in the browser

Storing all passwords and autofill form data in the browser is an additional attack vector against the company. Through browser vulnerabilities, hackers can compromise not just one account but several at once.

It is better to enter passwords manually and, when working on someone else's device, to turn on incognito mode so that session data is deleted when the session ends. An even more reliable option is to use one-time passwords or sign-in approval through the Microsoft Authenticator mobile application.

Incognito mode does not reduce the risk of account compromise. Following unknown hyperlinks and entering your credentials on fake sites can have regrettable consequences in any mode.

Windows 10 includes a special mechanism, Application Guard, that keeps malware out. The web resource's code runs in a hardware-isolated container, separated from the host system. The user works under a special account and, when the job is finished, the container automatically discards the session data, so malicious software cannot gain a foothold on the system.

Ignoring updates

The greatest security risks for a business arise when there is no single centralized software update policy. According to statistics, for 80 percent of the vulnerabilities exploited in attacks, the vendor had already released a security update by the time of the attack.

Administrators sometimes neglect updates because they can disrupt business processes. This is a matter of discipline: procedures for testing and installing updates, as well as monitoring and configuration management.

Software updates are best rolled out in stages, updating the programs in each division of the company in turn. This approach helps to identify problems early and fix them in good time.

What to do to improve information security in the enterprise:

  • Regularly update the software on all systems.
  • Perform data encryption and control access rights to documents.
  • Use strong passwords and two-factor authentication.
  • Do not open suspicious emails or attachments and, above all, do not follow hyperlinks in such emails.
  • Create corporate channels in messengers, or conduct correspondence and document workflow in dedicated corporate applications.
