It seems like hacks and thefts of information are in the news daily, from Ashley Madison to the US Government, airlines, and businesses; no one seems to be exempt from the threat. So, what can you do to protect your organization and your information? You may hear offers of security audits, vulnerability & threat assessments, and breach investigations, but where do you start?

There are many components to protecting your environment, such as examining your architecture and checking vulnerabilities, but one of the least technical methods of protecting your company is user education. One of the most common methods for infiltrating networks is spear phishing, which is a little different from the blatantly malicious phishing that most people are familiar with.  Educating your users about how to avoid this is an easy way to decrease your exposure. InfoWorld recently posted this great article on phishing and suggests educating your users as a first line of defense.

One easy step is to check the full email address. It may say it is from a friend, but is it their usual email address? Another is to look closely at attachments. Most spear phishing files come in .zip format, according to a Mandiant report, but often hackers dress up Zip files as PDFs in disguise by adding Adobe icons. This means you will want to examine the full file name to ensure it doesn’t end in .exe.

User education is a start, but it isn’t enough to ensure your safety. Companies wanting to secure their valuable customer data and intellectual property across internal networks and the Internet have additional resources. There are services that can augment and unify a company’s existing security systems to build a more resilient defense from these threats.  Services include comprehensive penetration testing and regulatory compliance and live 24/7 monitoring designed to protect cloud, premise, and hybrid networks on a global scale.

To learn more about cloud security options, email us at info@myarg.com.