Cloud Hosting

The internet is a fickle beast. On the one hand, we now have access to the sum total of human knowledge (and human opinion) at our fingertips across an incredible range of devices. On the other, it's opened us up to a whole new world of crime, where scammers are waiting seemingly around every corner.

But just because a threat is out there, doesn't mean you must inevitably be vulnerable to it.

Here are some simple steps to ensure both you and your business remain safe on the internet.

Running internet security software on your endpoints (computers, mobile devices, tablets, etc) is the simplest place to start.

Most of the well known antivirus firms, have dedicated internet security products for both individuals and SMBs. They include features such as warning you if a page isn't secure, which is particularly important if you're going to be entering sensitive personal data, or if a page is trying to redirect you, as well as protection against malware downloads, including ransomware.

This type of software should ideally be used in conjunction with other on-device anti-malware programs.

When it comes to internet security, the proverb "better safe than sorry" is very much applicable. Genuine looking messages can be laden with hidden traps, like documents or PDFs containing malicious payloads or links to infected websites a technique commonly known as phishing.

If you receive an email from the finance department asking to "double check this invoice", for example, don't be afraid to reply asking for more details about the invoice before you open the attachment. Even better, if you use an instant message platform, such as Skype for Business, Slack or Yammer in your company, contact the sender directly there to double check.

Similarly, if the email comes from a supplier or customer and includes an attachment or link, it's better to call them up for clarification or details than to blindly click the link out of a sense of typical British "don't make a fuss" sentiment.

Be warned that scammers may also target you by phone. Remember that your bank will never make an unsolicited call and ask for your security details - if in doubt, hang up and call back. If the call is from "Microsoft support", hang up immediately.

Any of these types of attempted scam should be reported to the IT department as soon as possible.

Education is a key component of the internet security process for businesses. The IT department should be keeping users up to date with the latest policies and best practices and encouraging individuals to come forward with any questions or concerns.

You can see if these messages are sinking in by bringing in companies that specialise in penetration testing and running phishing drills, for example. This can help identify areas of weakness that need to be addressed.

Finally, make sure you keep yourself up to date with the latest security news and best practices from reliable sources.

Main image credit: Bigstock

Originally posted here:
Your essential guide to internet security - IT PRO