Malware defense

by | Sep 13, 2017 | Business, Cybersecurity

Ty HeddenI love being proactive. Identifying and dealing with risk before disaster strikes is a huge part of my everyday job at Smart Dolphins. My routine risk management work is mostly technical. I ensure routers are secure, backups are working and security policies are in place. Being proactive with machines is a process. It can be structured and planned, made to be repeatable and scalable.

But businesses are not powered by computers; They are powered by people.

Computers only do what we program them to do, and usually they do exactly what we tell them to do….For better or for worse. Ask a computer to email a file and it will email a file. Ask it to run a virus disguised as an email attachment and it will happily oblige.

While an antivirus will catch most threats, it is only one component, and should not be seen as our primary protection. The best protection is not technological but behavioural. Knowing how to safely handle a questionable attachment is key.

Being uncertain and opening  a malicious attachment could have big ramifications. In the case of crypto-ransomware like Cryptolocker, it could result in losing data on your computer, even data on your company’s server. In these cases, we fall back to closely monitored backups immune to such ransomware but there is always a cost in terms of both wasted time and lost productivity in a data restoration. Such small slips that can result in downtime which are preventable if you know what to do.

We’ve always focused on maintaining well-secured networks, but today more and more threats are targeted at people, not computers. If you’re picturing careless employees surfing nefarious websites on their lunch breaks, you are somewhat mistaken. I haven’t met anyone yet that can’t improve their computing habits and reduce the risk they carry on their business network.

Join me on Thursday November 2 at Smart Dolphins for lunch and let’s talk about tools and habits you need to become a malware and computer security savvy user.