Are Your Users Following These It Security Best Practices

Are Your Users Following These IT Security Best Practices?

Arraya Insights | August 18, 2015

Stop. Think. Connect. Those three words are the basis of a global campaign designed to raise cyber security awareness. If end users follow along, it can go a long way towards making IT’s job of providing a safer, more secure technological environment that much easier.

The campaign began in Oct. 2010 and it’s the brainchild of a partnership of various private companies, non-profits and governmental organizations. This list includes the National Cyber Security Alliance (NCSA) and the Anti-Phishing Working Group (APWG), which have worked together to help spearhead efforts since the campaign’s inception.

The campaign urges users to:

Stop: Before users access the Internet, there’s a certain baseline of knowledge they need to have. To start, they must understand their actions online will have consequences and accept that. Plus, they must also be tech-savvy enough so they can spot and avoid potential problems.

Think: Users should consider every move they make online before they make it and exactly how each could potentially impact their safety, the company’s safety, etc. It’s not just enough to know there will be consequences, they must know what those consequences could be and how far they could reach.

Connect: Security is an on-going process so these steps must become a habit. However, once users have taken the necessary precautions, they should feel confident in their ability to browse the Internet safely.

Two keys to better IT security

Two areas which Stop. Think. Connect. has highlighted recently are two-step authentication and mobile security.

Two Steps Ahead

IT pros know passwords don’t always offer much in the way of protection. That can be true even if users aren’t securing their accounts with easy-to-guess or commonplace passwords like “password” or “12345.”

The goal with the campaign’s Two Steps Ahead initiative is to increase familiarity with and use of two-factor authentication techniques. This method builds upon passwords by adding an additional layer of security. Instead of only logging in with a password and a username, users will have to provide an additional form of proof that they are who they say they are, e.g., clicking on a link or replying to a text message sent to their phone.

The campaign’s website is home to a number of resources IT can use to educate end users about the importance of two-step authentication, including videos, downloadable posters and FAQs. In addition, the campaign is currently on a multi-city tour also in support of the issue.

International Mobile Safety Tips

These tips were first released by Stop. Think. Connect. near the tail end of last year’s Cyber Security Awareness Month, however, they bear repeating. This updated set of mobility tips provides users with a set of best practices to follow while they’re utilizing mobile devices.

Highlights that can be passed along to users include:

  • Keep a Clean Machine
  • Most users understand the need to keep their desktops or laptops updated and to watch out for malware while they’re using them. This doesn’t always extend to mobile devices, although it should. Operating systems need to be kept up to date and the Stop. Think. Connect. mindset should apply regardless of device.
  • Restrict Access to the Device Mobile devices have become critical parts of a person’s home and work life and as a result they’ve also become a storehouse of confidential data. Mobile devices need to be secured with a strong passcode and kept in a safe place. Also, when an app requests access to info, users should look into what it wants and why before agreeing.
  • Connect with Care Public Wi-Fi may seem like a helpful perk, but it can be incredibly risky. If it must be used, users should limit it to low-risk activities and adjust their security settings accordingly.
  • Be Web Wise Users should try to stay current with the latest threats and security techniques. IT can only do so much. It helps to empower users and get them concerned about their own safety.

A clear path to increased IT security, mobility

Changing the way users think about security and their habits are both huge victories in the fight to keep the IT environment secure. However, it is also essential to have the infrastructure in place to support that new corporate culture, whether it’s with cutting-edge security solutions or an enterprise mobility suite.

Arraya’s team has decades of experience deploying and supporting these types of solutions and more. We leverage our relationships with industry-leading vendors to find the right solution to meet our Clients’ unique business challenges. From there, our Managed Services team can help deploy and support that solution for the entirety of its lifecycle, ensuring Clients realize the highest possible return on their initial investment.

Want to learn more about how Arraya can help? Visit us online at www.ArrayaSolutions.com to read about the services and solutions we offer, our distinct methodology or to be put in touch with one of our Account Executives. Also, follow us on Twitter, @ArrayaSolutions, to keep up with all of our latest news, updates and special offers.