Ways to keep your company safe as IT threats soar
News of new forms of insidious cyber attacks, viruses and malware emerges almost daily - making it seem as if a so-called "Cybergeddon" is imminent - yet many companies still do not have adequate infrastructure to protect themselves against these online onslaughts.
Is it simply a matter of company owners becoming desensitised due to being inundated? Or do they regard every new warning with a dose of scepticism, thinking that it is merely scare tactics being employed by security companies to sell their software and services? Is there truly a reason to be concerned?
It is definitely not fear-mongering. Statistics show that there has been a rapid rise in attacks this year, with the nature of the attacks getting especially bad in the last two months. The focus of the attackers is also shifting, with the functions of malware smuggled onto company computers changing and now increasingly being used for corporate espionage, to spy on company networks.
Targeted attacks to steal sensitive company information
The purpose of this is to collect information about the company infrastructure and use it during targeted attacks to steal sensitive company information and customer data. Research conducted by the South African Cyber Threat Barometer and published in the organisation's 2012/13 report, reveals that South Africa lost R2.65 billion to cybercrime between January 2011 and August 2012.
The bring your own device (BYOD) culture, in which smartphones and tablets are simultaneously used for both business and personal matters, are also to blame for weakening the boundaries of company networks. However, there are ways to strengthen it. An exact analysis of the IT infrastructure and threats to the sensitive data of a company is the basis for planning adequate protective measures. Virus protection and firewalls are standard components, which most companies use. Sensitive information, such as the credit card information of customers, electronic personnel files, contracts as well as research and development results, might require additional protective measures.
Restricted access to data and encryption technology
Those measures include having restricted access to data and using encryption technology. Companies should also introduce clearly stipulated and binding IT guidelines, in which they define how employees are allowed to use the Internet and private devices at and for work purposes.
A security product, like any of those in the G Data range, is a good starting point for companies to keep their valuable information secure. The G Data products include two powerful scanning engines, a firewall, spam filters, web protection, application and parental controls, as well as device management tools. All of these features ensure that a business of any size is fully covered from the multitude of threats directed at it on a daily basis.
In addition to all-round virus, spam and phishing protection, G Data's DoubleScan technology ensures the best virus detection rates and boasts state-of-the-art methods for detecting unknown viruses. All business products boast application control and device management, allowing business owners to control the use of external devices on their network. All of this comes in one package that is highly configurable and at a very competitive price.
Companies - especially small to medium enterprises (SMEs) - could enjoy many benefits if they decided to switch to external service providers, such as those provided by Managed Security Service (MSS) and Security as a Service, in which SMEs can rent security solutions and delegate complex security problems or questions to experts. Companies enjoy many advantages when they use external service providers, including lower costs, flexibility and a high availability of specialists.
About the author
Lutz Blaeser is the MD of Intact Security.