Critical Cybersecurity Protocols To Implement

Uploaded on 2016-12-09 in NEWS-Cybersecurity News, JOBS-Careers, FREE TO VIEW

Employees in the office or out and about are commonly using mobile devices, yours and theirs.  Your network is vulnerable wherever they are. 

It used to be that workers would come into the office, sit at their desk, work for eight hours (with a break for lunch in there somewhere), and then go home. Now, however, work is moving out of the office and into, well… everywhere else. With teleconferencing, smartphones, cloud computing, and a long line of other mobile technologies, today’s workforce has evolved. Workers are used to always being on the go.

For that to be possible, though, they need to be able to access their work data from anywhere. The world has adapted to the point where that “always connected” mentality is necessary. The problem with being able to access your data from anywhere, though, is that other people can find ways to access that data, too—people you don’t want going through customer information, company financial records, and other secure data.

Security provider Blue Coat reports that the average data breach costs an organization $10,000, with some breaches being more commonly reported in the tens of millions. In order to lower the risk of such a breach, it’s wise to put security protocols in place and map the process out on in a step-by-step format via workflow management software for the entire organization to see. Here are a few protocols you should keep in mind when creating this process internally.

Install malware protection software

Mobile malware used to be uncommon, but its popularity is growing. In the past, it was difficult to infect an Apple mobile device with malware, because it required the user either to actively download an infected app from Apple’s store or to jailbreak their phone in order to install their own unauthorized apps. In 2015, however, it was discovered that attacks using XcodeGhost and YiSpecter did not require those same vulnerabilities. To counteract these and similar threats, companies should make sure that any device employees use to access the company’s network or records has malware protection installed.

Update apps as soon as possible

Cybercriminals are working day and night to find and exploit new vulnerabilities, and the people who built the apps they are attacking are working just as hard to fix those vulnerabilities. Get your employees in the habit of keeping all apps on their phones, laptops, and other devices they use to connect remotely in order to remain protected against breaches.

In the same vein, enforce a policy that regulates which apps employees can and cannot download or access using the company network.

Require a PIN/passcode for all mobile devices

Criminals looking for secure data may not even need malware if they can get their hands on an employee’s mobile device. Whether the employee has stored the secure data on their device or regularly uses it to access the company network, it presents a vulnerability. The first step to closing this security gap is a simple one—require all employees to utilize a PIN or passcode in order to unlock the phone. Make sure that it is a secure password and that it locks within five minutes.

When it comes to passcodes, longer is generally better. A four-digit PIN means there are 10,000 possibilities, but professional hackers won’t be deterred. On iOS, your employees can go into settings and turn the “Simple Passcode” setting to Off.

Set up devices for remote wipes

If one of your employees actually does lose their phone, whether it was stolen or misplaced, you don’t want that data to be outside of your control. If all else fails, you need to be able to take that information out of the wild. 

Set up your devices so that, in an emergency, you can access it remotely and wipe all of the data stored on it. Depending on the type of device your employees are using, this might require you to download a special app, or it might come as part of the standard suite. With the remote wipe enabled, a lost device will still be the loss of an asset, but it won’t necessarily become a security breach.

CTO Vision:               BYOD Security Report:
 

« AI Ushers In A Whole New Era Of Hacking
China's Great Wall Into Russian Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Aurec

Aurec

Aurec provides specialist recruitment and contracting services including ICT professionals.

CyberSecurityJobsite.com

CyberSecurityJobsite.com

CyberSecurityJobsite.com is a specialist job board designed to attract candidates working within Cyber Security, Information Security or Information Assurance.

Hexnode MDM

Hexnode MDM

Hexnode MDM is an award winning Enterprise Mobility Management vendor which helps businesses to secure and manage BYOD, COPE, apps and content.

Absolute IT Asset Disposals

Absolute IT Asset Disposals

Absolute IT Asset Disposals is an IT asset disposal (ITAD) company providing safe and secure recycling of IT assets.

Neudomains

Neudomains

Neudomains is a Corporate Domain Name Management and Brand Protection Online Specialist. One of the world's top providers of online brand protection and enforcement.

GELLIFY

GELLIFY

GELLIFY is the first innovation platform dedicated to the high-tech B2B market, supporting start-ups and companies.

Forum Systems

Forum Systems

Forum Systems is a global leader in API Security Management with industry-certified, patented, and proven products deployed in the most rigorous and demanding customer environments.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

Matrium Technologies

Matrium Technologies

Matrium Technologies has been a leading provider of technology solutions since 1991, with a strong industry background in Network Testing, Network Visibility and Security.

OSI Security

OSI Security

OSI Security's primary services include penetration testing, security auditing, web application security testing and risk management.

Rezonate

Rezonate

Rezonate discovers, profiles, and protects Identities and their entire access journey to cloud infrastructure and critical SaaS applications. Preventing and stopping cyberattacks.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

BBS Technology

BBS Technology

BBS Technology is a company that develops and delivers next-generation cyber security technologies worldwide.

Vana Solutions

Vana Solutions

Vana Solutions is an Information Technology Services company. We help commercial & federal organizations select, adapt, and integrate the right technology solution so you can move faster.

Jitterbit

Jitterbit

Jitterbit integrates critical business processes and enables application development to deliver the experiences and insights needed by enterprises of all sizes to accelerate their digital journey.