Dear Geek,
We have a strict AUP (Acceptable Use Policy) for computer/internet usage at our company, yet our computers still are regularly infected by malware and/or viruses. Are we missing something?
Signed,
Prescription Please
Dear Prescription,
Congratulations of having an AUP in place, and enforcing it! It’s amazing how many businesses don’t think they need one. However, unless they’re operating in the dark ages, every business has at least one computer that they rely on for their day-to-day business. If they have even one employee that thinks they’ll “just quickly check my email” or log onto a supposedly “safe” website during their break, their computer could be infected! This could cost the business thousands, or hundreds of thousands, of dollars, in lost business. Or worse if their data is hacked.
According to internet security company Sophos, more than 30,000 websites are infected daily. 10% of these are infected with an exploit kit, and 2/3 of them were hijacked by the Blackhole kit itself. 80% of the infected websites are legitimate websites, hacked or injected by cyber-criminals with code to host malware. 85% of all malware, including viruses, worms, spyware, adware and Trojans, come from the internet, with drive-by downloads marked as the top web threat.
With the mass consumerism of BYOD (Bring Your Own Device) in which everyone has at least one access point outside of their work desktop computer. Because of this easy access to sensitive corporate information from home computers, smartphones, and tablets, this has become one of the newer causes of data vulnerability.
Mark Harris, VP of Sophos Labs, Sophos states, “As cybercriminals expand their focus, organizations are challenged to keep their security capabilities from backsliding as they adopt new technologies. And as we continue to access information in different ways, from different devices in different locations, security tools must be able to “protect everywhere” – from desktops to mobile and smart devices and the cloud. But more importantly and oft-disregarded, cybercriminals will continue to stalk the easiest prey – security basics like patching and password management will remain a significant challenge.”
Sophos states that the one topic that seems to cause the most problems, no matter what: “Security basics like patching and password management will remain a significant challenge to IT security. Keeping your devices healthy by identifying missing patches in areas commonly targeted by the bad guys will help significantly.”
Long story short: Make sure your passwords are difficult to figure out, are changed frequently, and that your patches, virus/malware definitions are up-to-date.
Technology by Design offers Monthly Managed Services which includes Patch Management, Virus Removal and Cleaning, Spyware Monitoring and Removal, Virus Definition Upates, Malware Definition Updates, and more. Call us at 204-800-3167 for more information!
On A Related Note: If you’re running Windows XP and/or Office 2003 – their manufacturers will no longer support them after April 8, 2014. Which means there will be no more security updates, tech support, or patches released after this date. If you would like information regarding updating Windows XP or Office 2003, please call us at 204-800-3167. We can assess your situation, and recommend the solution that works best for you.
If you have a question for our Resident Geek, send it to: geek@tbyd.ca. We’ll translate it from Geek-lish to English, so it actually helps!
Leave a Reply