We have the world at our fingertips. For better or worse, there is really nothing that cannot be found on the internet. With that ever-expanding access come dangers, there will always be nefarious types seeking to deceive or take advantage of trusting people online. This is nothing new and, if you are technically inclined, this is not news to you.
But if you are tasked with keeping a corporate network secure or safeguarding sensitive information, are you sure that everyone who has access to your systems knows where the dangers are lurking? Do your employees use their own digital devices (BYOD) or use their personal machines to access the system when they are working remotely? You do everything you can on your end to block dangers viruses and malware. But could you make your data even more secure by helping users to understand the risks?
Free Downloads Could Cost You
Free online downloads are a notorious hotbed of cyber-criminal activity. Those free downloads can ultimately be quite costly if they contain viruses, adware, or spyware. The most common downloads to contain dangerous threats are free file-sharing, music, games, gambling, or adult content download sites. It is important to keep in mind that even downloads found on reputable or seemingly legitimate sights can be dangerous as well. Do your company’s security policies prohibit extracurricular content from being downloaded on company-owned machines? Do your employees understand the reasons you have such policies and how seriously your company views violations?
The extra code downloaded along with free games or tools can be innocuous and simply annoying. It is easy to click on one thing and, before you know it, your whole computer looks different, you have toolbars you don’t want, and you’re stuck uninstalling something you never meant to install.
What comes with a free download can be much more than annoying, however. Malware and adware can seriously affect the performance of your computer. Spyware can be intrusive and even dangerous. Spyware that finds its way onto a machine containing secure or protected data can lead to a costly data breach and dire consequences for a regulated organization or any company that keeps sensitive data like PII (Personally Identifiable Information) or PHI (Protected Health Information).
Protect Your Network and Your Employees
To protect your network, each computer that can be used to access company data needs to comply with company security policies and have a good, subscription-based anti-virus installed. Each laptop or workstation, every connected device, must be kept up to date with the latest anti-virus protection.
To further protect your company’s data, teach your employees to be careful what they download or click on when they are online.
Avoid any site that tries to trick you into downloading something else. Watch for these red flags:
- Lots of ads on the page
- Several download buttons on the page
- Suspicious filename of the download
Hover the mouse over the Download button. The URL of the download file appears in the lower left corner of the window. If that URL contains random number or is not recognizable as the content that you want, do not click on it.
To avoid dangerous downloads:
- Recognize that the extra buttons on these pages are not downloads but ads. They will take you to something other than what you think you are downloading. It is important to note that even popular sites have caved to ad revenue from such tactics.
- Downloading anything online, it is important to read every step of the download process and watch for pre-checked boxes that are designed to trick you into agreeing to accept a tool bar or adware that will be difficult to remove later and may be quite dangerous.
- Ultimately, it is best to download software directly from the developer’s site, not a portal offering lots of free tools buried in lots of confusing ads.
Employees who are unaware of these threats or careless in their online activities can be a major risk factor for your whole network. On the other hand, employees who are aware of the threats and who avoid dangerous online activities can help you avoid costly problems.
An open, ongoing dialogue with your employees will instill in them an understanding of online safety and your company’s commitment to protecting their well-being as well as the sensitive data that is your shared responsibility. If you need assistance developing appropriate security policies and practices within your organization, please contact us today.