With bring your own device (BYOD) becoming an integral part of today’s corporate culture, organizations are faced with the challenge of dealing with hackers accessing corporate IT resources from non-company equipment. During the end of year holiday period, most office-based businesses choose to keep their shutters down, leaving their IT departments unmanned. This in turn leaves key IT applications at heightened risk of hacking and denial of service attacks, malware infections and unauthorized access. In view of this, GFI Software newly released guidelines for businesses planning to remain closed during the festive season.
A surge in sales of iOS, Android (News - Alert) and Windows 8-based tablets and smartphones indicates that this year, an unprecedented number of users will remotely access company resources – particularly e-mail – for the first time.
“The holiday season traditionally poses a big challenge for organizations of all sizes, as the need to monitor and maintain IT systems has to be balanced against the need for staff to take time off. However, IT staff face additional challenges, as not only do they need to consider the reoccurring threat of networks and systems being targeted during the quiet holiday period, but also the risk posed by employee devices being used for remote access,” GM of infrastructure at GFI Software, Phil Bousfield, explained in a statement.
GFI Software pointed out that combined with the risk of various forms of cyber attacks, there could be additional risk of natural disaster, power outages, burst pipes and burglary. Due to this, GFI strongly recommends that companies take strict precautions to ensure that networks and servers are as robust as possible in the face of heightened security threats over the holiday period.
The company prescribes a few basic tactics that can help protect corporate assets, while staff are away enjoying the holidays, making snow angels and filling their stockings. These include:
- Removing redundant user accounts as the dormant user accounts – known as Ghost Accounts – which tend to pose one of the biggest risks of unauthorized access and increase the number of entry points for an opportunistic hacker.
- Shutting down unnecessary open ports, leaving only the most critical network ports open.
- Closing unused ports greatly reduces the risk of intrusion, as well as helps avoid intrusion of malware, spyware and other malicious code trying to communicate under the radar of port monitoring software.
- Patching all software: Before shutting down for your vacation or holiday break, make sure that all operating system and key application patches have been applied.
- Updating antivirus software: Ensure that both the antivirus application and the definition files on all servers and other critical equipment are up-to-date.
- Switching off when necessary: If you don't need it, switch it off. Non-essential systems should be shut down while the business is closed. This will reduce the risk of unnoticed equipment failure and prevent non-critical systems from being compromised or used to access critical systems and storage silos.
- Refreshing the IT policy with firmer BYOD rules: An unsecured tablet can be a potential threat to data security and compliance, so refresh the IT policy with firmer BYOD rules will prove quite advantageous. The same applies to the required security levels of any device used to connect to company resources either remotely or within the building.
Just last week, GFI Software released its VIPRE Report for November 2012, a collection of the 10 most prevalent threat detections encountered last month, which included e-mail threats disguised as notices from American Express (News - Alert), DHLand UPS as the holiday season kicked into full gear, as well as a phony Twitter Video application on Facebook and mobile malware disguised as the latest Angry Birds game.
To learn more about GFI, visit www.GFI.com.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida. Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.
Edited by Allison Boccamazzo