If you’re reading this blog, there’s a good chance that you know the importance of internet security, and that you take steps to ensure your systems are patched, passwords are secure and computer networks are protected against the host of malicious malware floating around on the internet that has the potential to compromise your business.
According to Eurostat, 85 per cent of UK businesses have a broadband connection, which means 85 per cent of businesses regularly use a browser of some shape or form and may be taking advantage of the free services that come with them. Our latest white paper, Browser privacy and online security: a guide for IT managers, details the implications of using these free services (like document storage and free email accounts) and looks at the compromises that we are forced to make over the privacy of our corporate data in exchange for the free service provided.
It’s important to note that whilst the most popular browsers have rigorous policies when it comes to data privacy, the amount of detailed information that they can collect about what we do and say online is immense, and a very tempting target for hackers. We may consider targeted ads relatively benign, but what if a hacker could access confidential data that had been stored by a service provider? It might be possible to use the information to tailor malware and potentially exploit the data trail that we create; or, more worryingly, to gain access to your complete operating system by exploiting a vulnerability within the browser.
The guide, which is free to download from the Network Box website, offers the following advice on how IT managers can keep company data secure online:
- Select a browser and keep up to date with all vulnerabilities, updates and functionality associated with that browser so the correct risk assessment of threats can be made.
2. Only allow approved browsers to be used on any work computer, whether in the office or at home.
3. Make sure users understand what they’re signing up to when they use Internet services.
4. If you have a free email or document storage provider, you may be sacrificing some privacy rights. If you feel uncomfortable about this, find out whether you can opt out of targeted advertising; or avoid these services.
5. Be careful about what data you store on these services as some countries have regulations about where data may be stored geographically (Germany is an example)
6. Set work computers to disable third party cookies (note: most browsers will accept all cookies as the default option).
7. Ensure security systems are up to date and you have a layered security approach.
8. Check applications for vulnerabilities (such as SQL injection)
9. Ensure employees don’t use personal email accounts for work purposes.
10. Ensure employees delete browsing history regularly and clear cached information stored on computers.
11. Send out reminders to employees to change passwords regularly, and make sure they are robust. Recommend that they don’t use the ‘remember me’ feature when logging in to secure sites.
12. Be aware: make sure employees understand security risks, and avoid becoming victims of phishing attacks.