Month: March 2018

Categories
Casserly Consulting Blog

Tip of the Week: How to Avoid Spam Emails

Spam_avoid_emails_400.jpg

Would you just give your bank account information to anyone who called you up and asked for it? Probably not. For the same reason, you wouldn’t just download attachments from your email messages without a second thought. This can be a dangerous practice, as some of the most common threats nowadays spread themselves via unwanted email attachments. It’s important that you can identify when it’s the right time to download an attachment, and when it’s best to just leave it be without exposing your business to unnecessary risk.

First, a little information about why you might be forced to make this decision in the first place. Spam messages are often the easiest way to spread the influence of malware and other threats. It’s simply a fact that you can send one message to countless individuals knowing that at least some of them will be fooled into downloading the attachment, and in turn, downloading all of the nasty things found on it.

For example, ransomware makes its home on workstations due to infected attachments. Your company might receive an unsolicited message from a prospective employee, who has attached their resume for review. Before your HR department knows what’s happening, their files are encrypted due to the attachment actually containing malware from a hacker. Surprise–your organization has fallen victim to a targeted phishing attack, with an infected infrastructure being the fallout.

While your spam filter might flag some of these messages as dangerous, it’s unlikely that the most dangerous ones will be caught in its web. Be wary of messages that claim to be receipts, shipping information, resumes/CVs, and other information that might be important for your organization. Hackers understand this and want to take advantage of that knowledge, which could potentially put your company in a tight spot.

Ultimately, the best way to keep your company safe is by taking a two-pronged approach–educating your employees on the importance of email security, and a technology solution designed to eliminate the majority of spam in the first place. The first can be maintained simply by holding awareness training and actively practicing proper email etiquette. Teach your employees that they should never open attachments from anyone they don’t know, and to always investigate the source of the message before declaring that it’s safe enough.

For the second measure, you can rely on COMPANYNAME to help you out. Our technicians can hook you up with an enterprise-level spam blocker to keep the majority of dangerous messages from making their way to your inbox in the first place. It’s a great measure that can minimize your employees’ exposure to risky elements. To learn more, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Are Mobile Devices Putting Your Workplace at Risk?

mobile_device_workplace_risk_400.jpg

How many devices find their way into your office every day? In this age of mobile devices, it’s no surprise for each of your employees to have everything from a smartphone or tablet, to wearable technology like a Fitbit. Depending on the type of device, you’ll want to ensure that you have every opportunity to secure it so that it doesn’t become a security problem later on down the road.

The reasoning for doing so is simple; the more devices on your network, the more opportunities that a hacker has to gain entrance to it. If you don’t maintain who can or cannot access your network with specific devices, you could be leaving the backdoor open to any number of threats out there. Therefore, you need to take a multilayered approach to network security for mobile devices, and it all starts with a Bring Your Own Device strategy.

Bring your Own Device, or BYOD, aims to manage the risk of employees bringing their own devices to the office without sacrificing the privilege of doing so. Some of the major features of BYOD are great ways to augment mobile device security for your organization, so here are a couple of them to consider:

Blacklisting and Whitelisting Apps
The apps downloaded to your device have a lot to do with your business’ security. There are apps out there that are known to cause security discrepancies for your organization, so it makes sense that your business has a way to keep undesired apps off of your devices. By blacklisting and whitelisting apps, you can control your devices to an extent, keeping known threats off of smartphones and tablets.

Remote Wiping
Losing a device is a worst-case scenario for a lot of organizations. Not only do you risk the device falling into the hands of someone who refuses to return it, but you also risk the data on the device being compromised. In any case, you should enable the option to remotely wipe any lost, misplaced, or stolen devices so that they can’t be accessed by malicious actors. This way, you preserve the right to protect company data while still allowing employees to use and access their devices.

Let’s start talking about implementing your BYOD policy. COMPANYNAME can help your organization implement a solution that’s ideal for your specific needs. To learn more, call us today at PHONENUMBER.

Categories
Casserly Consulting Blog

Are the Apps on Your Device Safe?

trustworthy_apps_400.jpg

It’s difficult to judge whether or not an app can expose your business to risk without first downloading it. Despite their best efforts, Google Play and the iTunes store can’t possibly identify every single malicious application out there. Unfortunately, you’re charged with taking the security of your mobile devices into your own hands, but thanks to Google Play Protect, this responsibility is a bit more mild.

Google Play Protect is a new way to help users protect themselves from dangerous smartphone applications. It’s not necessarily an app on your device, but is instead a feature of the Google Play store itself. It’s found on Google Play Services v.11 or higher. Essentially, Google Play Protect scans your apps in the background and looks for anything sketchy going on behind your back. It can also manually scan your device for threats, as well as improve the detection of harmful apps that haven’t been installed through the Google Play store.

One of the major downfalls of Google Play Protect is that it can’t immediately scan an app that you install. Instead, you have to scan the app before you open it for the first time. We recommend that you always approach any new application with caution long before you download it from the Google Play store.

Even with Google Play Protect handling some of the dirty work behind the scenes to keep your devices safe, there are still measures that you can take to augment its approach. Here are just a few of them.

  • Only download apps from trustworthy sources: You might run into links that allow you to download an app to your device. By default, your device won’t let you download apps from external sources, and this is for a good reason. There is a greater chance that your organization could run into a malicious app while outside of the Google Play store. To be safe, only trust those that you find in the store itself.
  • Be wary of app permissions before downloading: Depending on the app you’re downloading, you might find that apps will require permissions to specific information on your device. An easy giveaway that an app isn’t the most secure is when it’s asking for too many permissions than you’re comfortable with. A great example is a flashlight app–why would it need access to your calls or text messages?
  • Consider Bring Your Own Device (BYOD): If each of your employees has a smartphone, a tablet, and a laptop, that’s three devices per user that are accessing important data. Therefore, it makes sense that in order to minimize risk, you implement some type of BYOD strategy that blacklists apps, remotely wipes compromised devices, and enhances mobile security.

Does your business need a way to ensure mobile security? COMPANYNAME can hook you up with a great mobile device strategy that can help your organization minimize risk. To learn more, reach out to us at PHONENUMBER.