Cyber attacks are becoming more and more frequent every day. In fact, the IT security sector is constantly reporting countless data thefts from companies.
The primary cause is changes in the working habits of employees. More specifically, workstations are one of the main points of intrusion into IT systems. Nowadays, there are several solutions for securing workstations.
This article will give you some ideas on what to do to improve workplace security in your organisation. But first, it is useful to understand why workstations should be made safe.
Why secure workstations in a company?
Today we live in a hyper-connected world. There is nothing easier than to attack a workstation within a company, where it is connected to all the others in the same company. Often equipped with an internet connection, each individual workstation in the network is open to attack.
As companies have mobile workstations, it is therefore necessary to secure all the workstations they use. In companies, the workstation is the ideal target for computer attacks. And when data is attacked, there is very little chance that the entire computer system will be spared. Installing quick and easy desktop protection tips is one of the most important steps you can take to secure your infrastructure.
What are the possible risks?
There are different threats that a workstation can face.
Physical risks such as :
The risks arising from mishandling of the workstation are the most important for the future of the company, as this can lead to a loss of data on the workstation. Most of the time, they are due to unintentional errors by the users of the workstation. Examples include
Criminal risks that are related to voluntary and illegal behaviour such as :
Indeed, with unprotected workstations, the company risks having its confidential data stolen in the event of hacking. Moreover, workstations are likely to become entry points in the event of an attack aimed at reaching more sensitive systems in the company.
In view of all these constant risks, it is strongly recommended that safety measures be taken and reinforced at every workstation. Even the smallest workstation is important. If this is affected in any way, the entire company information system is seriously at risk. Especially when it comes to computer attacks such as :
In order to avoid these risks, some simple measures are necessary.
Some basic precautions for the user
Even though hackers are working hard to trick us, there are a few quick and easy steps we can take to boost our data security.
Separate personal and professional
The first rule is not to mix personal and professional use on the same workstation. This is especially true if the company provides you with a terminal. Pay attention to the sites you browse and the applications you install on your computer. In principle, work is exposed to less risk.
Separating these two uses allows you to reduce the security risks, even if an employee is likely to receive a phishing email or ransomware on his or her work address.
Installation of security updates
For a work PC, it is more than advisable to program the updates in automatic mode. This programming avoids the need for teleworkers and, above all, potential oversights.
Installing the antivirus software
Once installed, it is imperative to activate your antivirus software to allow real-time protection. It is necessary to update these security applications to keep up with the latest threats identified by the publishers.
It is also recommended that a full scan be performed to ensure that there is no malware on the machine. If you have any doubts, make sure you do not connect to your company's network to avoid any propagation.
Securing accounts
When it comes to choosing a strong password, it is important to avoid anything that is too easy or overused. These have a low level of security, or even close to zero.
A compromised password always represents a direct threat to the company and its infrastructure and other applications. Therefore, it is always better to use a tamper-proof password. To do this, you can use the service of a password generator.
But you can also create a secure password of your own. To do this, simply :
- Choose a long password: the more characters you use, the more difficult it will be to decode.
- Increase the level of security: it is best to mix letters and numbers with spaces.
However, you should make sure that you choose a password that you can remember so that you don't have to write it down somewhere.
Network access protection
Wi-Fi allows you to control your network access. A breach in security can represent a gateway to the professional network and to the resources contained on the terminal. It is therefore necessary to secure Wi-Fi by means of a robust key and the activation of encryption (WPA2).
Data backup
In view of attacks and software and hardware failures, it is always advisable to make a backup to avoid any possible loss of data. The majority of current systems now offer automatic backup in the cloud.
Alternatively, you can save your business data on an external drive, an employer-controlled storage space or a enterprise cloud service.
Precautions at company level
It is necessary to remember that the user is not the only one responsible for the security of his workstation. The company itself must participate in cybersecurity by taking a few steps.
The use of professional terminals
The company should ensure that all employees are provided with business devices. In this way, it will be easier to administer and secure them. Personal computers do not offer the same level of security because they are not supervised.
Access control from the outside
By doing this, only strictly necessary accesses are forced to be opened. However, it is necessary that these are checked through network filtering and a firewall.
In addition, remote employee access can be secured with a VPN connection. Using dual authentication on VPN accesses further protects you from identity theft.
Enterprise-wide password
Just like the user, thecompany has a duty to back up data . This task must be performed and tested regularly, as it is probably the only way to recover everything in case of a ransomware infection.
Monitoring and logging
It is useful to remember that all infrastructure equipment produces activity data, more precisely logs. If there is an attack, monitoring these logs will make it possible to identify the cause and the remedies to be applied.
As for the supervision of sensitive accesses and systems, it will make it possible to warn of abnormal activity, which is a possible indication of an attack.
Employee awareness
The employees of a company are not experts in the field of threats and cyber security. This is why the company has a duty to inform them of the risks and how to prevent them. Similarly, the company also has a duty to provide them with a rapid response if there is any doubt or intrusion by malware.
Job security measures
In view of the various threats facing the workplace, it is essential to protect it. To do this, security rules must be adopted and followed. These rules can be divided into two categories.
Workplace protection rules
This securing can be done in various ways.
Physical protection
The first level of security for a workplace is to protect it from physical hazards. For example, you can :
Installation of antivirus software
Antivirus software is generally known as computer virus protection software. It identifies and removes malicious software.
Its job is to monitor the important areas of the computer, namely:
To do its job, an anti-virus software can use different techniques in order to detect and delete computer viruses. These techniques include:
- Signature search: the antivirus is equipped with a signature database of existing viruses. It scans the files successively to find these previously established signatures.
- Integrity check: the antivirus also regularly checks that the files or executable systems have not been modified. In the event of an anomaly, it is programmed to warn the user.
- Heuristic search : This technique consists of analysing the general behaviour of the system in order to identify unusual behaviour.
Launching a firewall
It is essentially a device that offers the possibility of filtering data exchanged between workstations and the outside world. The interest of activating a firewall is to have the power to control the exchanges between the area to be protected and its surroundings.
Software updates
On a daily basis, several flaws are identified in the systems and software that equip the workstation. It is precisely these flaws that are exploited by malicious software.
These errors are progressively corrected by the software publishers, through the patches they release. It is therefore imperative to regularly update all software installed on a workstation to avoid any risk of intrusion. This handling is easier when it is automated.
Information encryption
As the IT world evolves and workstations become lighter and more portable, the risk of theft has increased in recent years. In order to reduce the consequences, it is now possible to encrypt some of the information it contains by means of a hard disk or a USB key.
This technique prevents people who do not have the decryption key from being able to decrypt the information.
Rules for proper handling of the workstation
When handling, it is important to be careful with the outside world. The majority of malicious software intrusions into computers come from opening a fraudulent document or web page. Hacking techniques appeal to the naivety of users.
Thus, every user must be careful with the outside world. To do this, one must :
Actions to avoid
To improve workplace safety in your company, you should also avoid doing certain things.
Do not use obsolete operating systems
Some examples are given below:
- Windows XP/7
- Redhat Enterprise Linux 5/6
- Centos 5/6
- ...
Getting the wrong administrator
Not everyone has computer security skills. In addition, it is vital to avoid giving administrator rights to just any user.
Today, there is no workstation that is completely safe from the various threats and increasingly powerful tools.
Nevertheless, with the measures we have just listed, you can largely limit the risks. Basic security is always better than no security. Users are not always aware of the risks to themselves and to the company if their workstation is not properly secured.
It is therefore vital to explain to them and show them the right reflexes to adopt to avoid these risks. You can help them in this respect by sharing this list with them, for example!
For more advice and to find out how The Nova Group can help you secure your workstations, send us a message.
Want to know more about computer security?
Download our free white paper "Computer Security".