Today many business owners install an antivirus program as their Maginot Line and call it a day. However, there are many ways to get into a network that circumvents anti-virus.
Hackers are creating viruses faster than anti-virus programs can recognize them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net.
Even if you had a perfect anti-virus program that could detect and stop every single threat, there are many attacks that circumvent anti-virus programs entirely. For example, if a hacker can get an employee to click on a compromised email or website, or “brute force guess” a weak password, all the anti-virus software in the world won’t help you.
There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defense plan that will allow you to quickly notice and respond to breaches at each level.
The physical layer refers to the computers and devices that you have in your office. This is the easiest to defend, yet it is exploited surprisingly often.
Here are a few examples:
- In 2015, 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
- The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
- As an experiment, Comptia left 200 USB devices in front of various public spaces across the country to see if people would pick a strange device and insert into their work or personal computers. 17% of consumers fell for it.
For the physical layer, you need to:
- Keep all computers and devices under the supervision of an employee or locked away at all times.
- Only let authorized employees use your devices.
- Do not plug-in any unknown USB devices.
- Destroy obsolete hard drives before throwing them out.
In short, taking responsibility for data security involves a lot more than just a software program.
Learn more about how our company can help. Contact us at or firstname.lastname@example.org .