Sophos have recently published a great guide on 7 deadline I.T. Sins so we thought we’ed share them with you.
1. Mobile Negligence
That flashy little device in your pocket is a big security risk. Hackers are increasingly targeting mobile devices to steal data (emails, contacts, corporate data, financial information) and send premium rate SMS, using up your bandwidth in the process. Android devices are most vulnerable to threat – last year SophosLabs saw an 1800% increase in Android malware. While there is less iOS malware these devices are still vulnerable to attack, particularly jailbroken devices.
Sophos suggest the following to stay safer:
- Enforce secure passwords, blockunwanted apps, and email corprate email and WiFi.
- Reduce the risk of data breaches with remote wipe and anti-theft technologies.
- Secure Android devices against mobile malware using core Sophos antivirus engine.
2. Mac Malice
Macs are gaining ground on Windows in corporate usage. However, many Macs aren’t properly protected against malware and data loss. Macs can be infected with malware just like PCs, and the threat is growing. Macs can also play host to Windows malware and spread it across your network to all your Windows computers. Your employees love their Macs. But you can’t afford to give Macs a pass on protection.
Sophos suggest the following solutions:
- Complete cross-platform protection, manahed through a single console.
- Enforce user-based policies that follow users across devices and platforms.
- Secure Macs against the latest threats – AV – Comparatives results show that Sophos catches more Mac malware that other security software.
3. Unsecure WiFi
Put an access point in your office and you’ll have a WiFi hotspot in not time. Then along come all these devices that want to connect – smartphones and tablets belonging to your employees, laptops, brought in by visitors. Do you know where these devices have been? And if your hotspot provides full access to your corprate network, that could mean access to more data than you intend. If you don’t protect your wireless network, it can open the dorr to threats.
Sophos suggest the following
- Install secure wireless access points in seconds
- Enforce your standard network secureity policies across your wireless network.
- Block undesirable websites and unsecure mobiles devices
- Setup separate hotspots with different policies for different groups, with as much or as little network access as you want.
4. Un-encrypted Email
Your email typically traverses the Internet in plain text format. It’s like sending a postcard in the mail. Anyone with the means and motive government agencives, ISPs, webmail providers, hackers, advertisers and even your competitors – can take advantage of this to steal sensitive data, facilitate identity theft, access credit card information, or provide more targeted advertising. We’re in the middle of an email snooping epidemic and unsecure email is a major liability.
Sophos provide the following solutions to let you protect you.
- Combine DLP and policy-based email encryption in one easy to use solution.
- Automatically detect sensitive information leaving your organisation by email and either block or enrypt it.
- Take data protection out of the hands of your employees and take care of it for them.
5. Faulty Firewalls
It may look like an unassuming box in the server room, but your firewall is your network’s first line of defense: blocking port scans, thwarting data-stealing malware, control Facebook access, prioritising bandwidth for corporate applications… the list goeson. If your firewall can’t keep up with threats and bandwidth demands, or is too complex ti use effectively, you’re not getting the full potential from your network.
Sophos sugget being fully protected.
- Put all the protection you need in place, simply and easily.
- Enjoy lightnight speed – Sopho’s firewalls beat the competition in independent tests.
- Get visibility into what’s happening with extensive built-in reporting.
- Secure against the latest threats with SophosLabs global threat expertise.
6. Un-encrypted Files
Major corporations like Target, The Home Deport and JP Morgan Chase have suffered data breaches that are devastating to their brands. Smaller companies suffer the same fate with less fanfare. No Matter what the size of the breach, your reputation and customer loyalty can be damaged beyond repair. If you’re noit securing sensitive company data and your customers’ identities, your customers will flee even if your business escapes the wratth of reguators.
Sophos suggest the following to stay secure.
- Depoly the earliest, most reliable full disk and file level encryption available.
- Protect data on multiple devices and operating systmes, without slowing down your users.
- Manage the native full-disk encryption in both Windows and OS X from one central console.
7. Delinquent Web Filtering
Web filtering used to be easy – block out the pornography, gambling and extremist content and you’re safe. But today that’s no longer enough to keep employees secure against dangerous website – 80% of all web malware is now hosted on legitimate websites that have been compromised. Hackers compromise thousands of new sites every day, using sophiostcated techniqutes to keep their malware by browsing to a hacked website that might have been safe the day before, without even knowing it.
Sophos suggest advanced protection:
- Keep out prohibited content with URL filtering with policy enforcement.
- Catch the threats on the sites you’re alllowing, scanning all content in real-time for malware before it reaches the browser.