Businesses in recent times have taken advantage of new technologies and models that originated and developed in the consumer space. This is the culmination of a fundamental shift in the relationship between employers and employees. This shift has now worked its way into the world of enterprise technology. Enterprises continue to capitalise on collaborative technologies and proliferation of mobile devices by developing applications aimed at improving employee productivity and customer satisfaction.

At the same time, the threat landscape too has continued to evolve, and any disruption caused by spyware, viruses, trojans, ransomwares, identity theft and hardware and application malfunctions now has a huge impact on business. No matter how technology savvy the user, secure computing practices must provide a combination of physical protection, original software and good security settings, including secure actions by the user. This must be another layer of protection over the 11 secure tips for secure computing we shared with you in our last edition.

Below are 5 tips that will help protect your business better:

- Keep all your devices and
computers updated:

There are new software viruses emerging every day. Always run a good antivirus utility and keep Windows and browser-related components (Java, Adobe and the like) updated. Keep your browser clean to prevent adware invasions that could lead to malware infections. It is essential to use anti-virus software and keep it up-to-date. The users should be trained to check whether the anti-virus software is up-to-date and promptly report abnormal behaviour of the devices or computers to IT helpdesk. All patch updates should be change managed and a regular audit of patch management should be carried out. Any exceptions identified should also be investigated.

Finally, a good perimeter and internal firewall should be implemented to help keep unauthorised people from snooping around your organisation’s assets. All changes to the firewall should be managed. A regular audit of firewall rules should be carried out. Any exceptions identified should be investigated. A personal firewall should be enabled on laptops and desktop computers as well.

- Create strong, secure passwords

Passwords should contain at least 8 characters with a combination of letters, numbers and symbols. Strong passwords are less likely to be hacked than very generic dictionary passwords. Use of good pass-phases help avoid having to write down a password. Never share your passwords or pass-phrases with anyone. Passwords should be changed often. Where possible another form factor such a onetime code delivered through SMS or randomly generated token should be used in addition to passwords.

- Keep corporate confidential and personal information safe

Classify all corporate information based on sensitivity. All confidential information including personal information should be encrypted and sent if required via secure email. Never share confidential information using public domains.

- Scan all external devices such as USB drives connected to your laptop and desktop computers

Limit the use of all external devices such as USB drives in critical data processing areas. All external devices connected to the laptop and desktop computers should be scanned always in an effort to keep malware off.

Never use mobile charger provided in public places such as airports and transit stations. These chargers can be used to plant trojans in your smart phones through which the hackers can steal confidential and personal information.

- Back-up important
information

All important business and personal information should be backed up to another computer or device. The information backed up should be stored securely, ideally at another location. All backed up data should also be tested for recoverability at regular intervals.
About the writer:

Sujit Christy is a Governance, Risk and Compliance professional and Director at Layers-7 Seguro Consultoria (Pvt) Ltd. He is the founding member and President of the (ISC)2 Chennai Chapter, Founder/President of Information Security Professional Associates (iSPA) and a board member of the (ISC)2 Colombo Chapter. He can be emailed at sujit@layers-7.com.

Money, Money, Money

CID questions SEC officials on Rs. 5 mln Tharunyata Hetak grant

Hikkaduwa hotels to legally challenge arbitrary liquor tax

Government continues borrowing spree with controversial T-bond issue hanging like Damocles’ sword

SL-China FTA to allow skilled workers here

Sri Lanka Tourism spells out Rs. 3.4 bln budget for tourism promo

Auditors as whistleblowers

New challenges for CEPA as Sri Lankan professionals turn on the heat

Euromoney to hold global confab in Colombo in September

Precision Lapidaries celebrates 20 years

Asiri Laboratory’s first local lab to receive 15189-2012 accreditation

On currency notes

Commercial Bank – steady start to 2015, 1Q profits up 10%

HNB Group PBT in Q1 2015 tops Rs. 3 bln

NTB commences year with a steady performance

DFCC Banking Group extends support to Nepal

Singer in good start for F Y 2015

NDB Bank posts Rs. 1.6 bln post tax profit

Nestlé Lanka maintains steady momentum in Q1 2015

Dialog growth up 6% in 1st quarter

Ceylinco Insurance records after tax profit of Rs.2.1 bln for 2014

Seylan Bank growth up 27 per cent in 1stQ

Ceylon Tea brand has made Sri Lanka famous across the world

Sri Lanka’s IronOne partners with Bangladesh’s Robi on paperless meetings

Government irons out cost estimate issues of Chinese- funded highway projects

DSI inspires future generation through art competition

Current Lankan political scenario holding back Swiss investors, Swiss envoy says

“Real CSR vs Bogus CSR”

Travel Agent still an integral part of global travel planning

Open data culture needed in Sri Lanka – ICT policy expert

Taking control of your health and wellbeing with personal health records on your mobile device

SL software start-ups that think on a global are needed – entrepreneur

Can Sri Lanka contribute to the global electronics industry in design and manufacturing segments?

Lankaputhra Bank to crackdown on loan defaulters

Lanka Exhibitions-led hotel show in Maldives for 11th time

Archetyping comes to Sri Lanka- top leaders Niranjan Deva Aditya, Suresh Shah to address forum

Commercial Bank launches ‘Sipnena’ e-learning on Microsoft Cloud

Pixel Ads wins Platinum at USA’s Hermes Awards

MillenniumIT tech solution drives Peruvian stock exchange

Maps International enters tyre inner flap market

SEC wants fresh laws creating auditors as whistleblower

Hemas to focus on Bangladeshi market

On CEPA agreement with India

Arosha Perera joins Leo Burnett as COO

MTD Walkers offers affordable housing to the public sector

On “The resurrection of Kotelawala”

Public sector needs urgent reforms inclusive of highly-paid officials like Singapore

Transport, Trade and Tourism meet in Germany

New hopes for GK depositors under fresh CB financial support scheme

Sri Lankan SMEs need an independent policy framework from the state

Sri Lanka launches more business-friendly initiative eliminating bureaucratic red tape