<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Talk Tech To Me - GFI Blog &#187; David Attard</title>
	<atom:link href="http://www.gfi.com/blog/author/david-attard/feed/" rel="self" type="application/rss+xml" />
	<link>http://www.gfi.com/blog</link>
	<description>Brought to you by GFI Software</description>
	<lastBuildDate>Fri, 13 Sep 2013 16:51:58 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	
		<item>
		<title>Porn in Parliament – Also in Your Office?</title>
		<link>http://www.gfi.com/blog/porn-in-parliament-also-in-your-office/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=porn-in-parliament-also-in-your-office</link>
		<comments>http://www.gfi.com/blog/porn-in-parliament-also-in-your-office/#comments</comments>
		<pubDate>Fri, 06 Sep 2013 12:00:46 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[bandwidth]]></category>
		<category><![CDATA[block categories]]></category>
		<category><![CDATA[Freedom of Information Act]]></category>
		<category><![CDATA[GFI WebMonitor]]></category>
		<category><![CDATA[Houses of Parliament]]></category>
		<category><![CDATA[Monitoring Internet activity]]></category>
		<category><![CDATA[porn]]></category>
		<category><![CDATA[Porn Parliament]]></category>
		<category><![CDATA[undesirable websites]]></category>
		<category><![CDATA[web browsing]]></category>
		<category><![CDATA[web browsing security]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=10818</guid>
		<description><![CDATA[It is not the first time that online pornography has stirred controversy in the UK. The recent government’s decision to automatically opt-in home users to online adult websites was quite controversial with many people saying that it is not up &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2013/09/porn.jpg"><img class="alignright  wp-image-10819" style="border: 0px solid black; margin: 10px;" alt="porn" src="http://www.gfi.com/blog/wp-content/uploads/2013/09/porn.jpg" width="288" height="190" /></a>It is not the first time that online pornography has stirred controversy in the UK. The government’s recent decision to automatically opt-in home users to online adult websites was quite controversial, with many people saying that it is not up to the government to decide what websites people can visit at home. It’s funny how, within only a matter of a few weeks, <a href="http://www.huffingtonpost.co.uk/2013/09/03/parliament-porn-websites_n_3859837.html" target="_blank">official figures released under the Freedom of Information Act</a> show that there have been thousands of blocked attempts to access pornographic websites. The official version is that users typically end up on these websites accidentally, that they come up as pop-ups from other websites and that automatically refreshing websites will generate more hits per user – a feeble attempt to wipe egg off their face.<span id="more-10818"></span></p>
<h2><b>Why does this happen?</b></h2>
<p>It’s difficult to pass judgement on this issue. My view is that when someone is in their office, bored or tired after a long day, and having ‘exhausted’ their energy on Facebook, they might think that a quick peek at a ‘naughty’ website will not harm anyone. It’s also fair to say that most users probably already know that a web filtering solution is in place, and that their internet activity is monitored, so most of these are more likely than not deliberate attempts to access blocked online material. A user might come across an adult website while researching other topics, but the sheer number of attempts detailed in the statistics simply does not add up to this conclusion. When a specific website is visited, it indicates intent to do so; however, that’s up to the reader to judge.</p>
<h2><b>What should you be thinking about?</b></h2>
<p>Even though employees in the Houses of Parliament probably had a good idea that their online activity was monitored, it didn’t prevent them from attempting to access adult material. Moving away from the topic of porn and MPs in the UK, and looking at matters closer to home, how can you prevent something similar from happening?</p>
<p>What can you do to make sure that your staff spend their time more efficiently and productively? Here are a few tips:</p>
<p>1)      First things first, if you don’t have a web filtering and monitoring system in place, then you really should implement one – unless you want to start wondering what each employee is doing online.</p>
<p>2)      You need a web filtering solution which will allow you to drill-down exactly into what a specific user is doing, as given by example in this short video:  <a href="http://www.youtube.com/watch?v=gbWNLs4W5io" target="_blank">Monitoring Internet activity at the office</a>.</p>
<p>3)      Your web filtering should proactively advise and alert you when a user attempts to visit ‘naughty’ websites, or other illicit webpages, so that your HR department can decide whether or not to remind them of the company’s best practices on Internet usage.</p>
<p>4)      You should invest some time and resources discovering how much time users are spending on websites which are unrelated to their official duties.</p>
<p><a href="http://www.gfi.com/land/Home/adv/webmon/Get-advanced-web-filtering-for-your-business?adv=13558&amp;loc=50" target="_blank">GFI WebMonitor®</a> is an affordable solution that allows you to address all of the above. Besides the ability to block categories of undesirable websites, it is very easy to use the Activity dashboards and reports to identify employees whose time could be better spent working for you, than searching the web for themselves. Real-time configurable alerts allow you to send emails to the appropriate people when their online behaviour merits it. Search engine query monitoring, for example, will clearly show what a user’s intentions were and the appropriate department can take the necessary actions, including education, to ensure there are no repeat offenders. GFI WebMonitor offers companies many other benefits such as added web browsing security and mitigation of bandwidth issues.</p>
<p><em><strong><a href="http://www.gfi.com/land/Home/adv/webmon/Get-advanced-web-filtering-for-your-business?adv=13558&amp;loc=50" target="_blank">Try GFI WebMonitor for free for 30 days!</a></strong></em></p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/porn-in-parliament-also-in-your-office/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>How to Protect Your Twitter Account from Targeted Phishing Attacks</title>
		<link>http://www.gfi.com/blog/how-to-protect-your-twitter-account-from-targeted-phishing-attacks/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=how-to-protect-your-twitter-account-from-targeted-phishing-attacks</link>
		<comments>http://www.gfi.com/blog/how-to-protect-your-twitter-account-from-targeted-phishing-attacks/#comments</comments>
		<pubDate>Fri, 31 May 2013 14:00:42 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[Associated Press]]></category>
		<category><![CDATA[compromised accounts]]></category>
		<category><![CDATA[E!]]></category>
		<category><![CDATA[phishing attack]]></category>
		<category><![CDATA[Syrian Electronic Army]]></category>
		<category><![CDATA[targeted phishing]]></category>
		<category><![CDATA[the Guardian]]></category>
		<category><![CDATA[The Onion]]></category>
		<category><![CDATA[twitter]]></category>
		<category><![CDATA[Twitter hacking]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=10544</guid>
		<description><![CDATA[The Syrian Electronic Army, a hacking collective which seems to be pro-Syrian government, has been on a Twitter hacking roll lately. They’ve managed to compromise the accounts of many major news outlets, notably the Twitter account of the Associated Press, &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2013/05/Phishing-Twitter.png"><img class="alignright  wp-image-10545" style="border: 0px solid black; margin: 10px;" alt="Phishing Twitter" src="http://www.gfi.com/blog/wp-content/uploads/2013/05/Phishing-Twitter-300x300.png" width="240" height="240" /></a>The Syrian Electronic Army, a hacking collective which seems to be pro-Syrian government, has been on a Twitter hacking roll lately. They’ve managed to compromise the accounts of many major news outlets, notably the Twitter accounts of the Associated Press, E! and the Guardian. The compromised accounts were then used to spread pro-Syrian government messages and even fake news – news which led to a temporary dip in the Dow Jones of a huge $136 billion in value. The latest victim of this hacking spree has been the satirical news website “<a href="http://theonion.com/">The Onion</a>”. After taking these attacks with a pinch of salt and posting several satirical articles, The Onion has posted an article <a href="http://theonion.github.io/blog/2013/05/08/how-the-syrian-electronic-army-hacked-the-onion/">detailing how this was done</a>.<span id="more-10544"></span></p>
<p>This was a targeted phishing attack in which the SEA sent several phishing emails to staff members of The Onion. They knew that any journalist would be interested in their email and click on a link. In fact, their email prompted the user to enter their Google credentials to access the link. This was done repeatedly using the same or similar methods until they succeeded in getting the credentials to all their social media accounts.</p>
<p>The same techniques were used to get the passwords for the Associated Press Twitter account – by luring people with targeted content that piqued their interest. Key to their success is the fact that, every time, their email looked and read as legitimate, hoodwinking the users.</p>
<p>The Onion have also published the following tips to ensure that other high profile Twitter accounts don’t get compromised:</p>
<ul>
<li>Make sure that your users are educated, and that they are suspicious of all links that ask them to log in, regardless of the sender.</li>
<li>The email addresses for your Twitter accounts should be on a system that is isolated from your organization’s normal email. This will make your Twitter accounts virtually invulnerable to phishing (providing that you’re using unique, strong passwords for every account).</li>
<li>All Twitter activity should go through an app of some kind, such as HootSuite. Restricting password-based access to your accounts prevents a hacker from taking total ownership, which takes much longer to rectify.</li>
<li>If possible, have a way to reach out to all of your users outside of their organizational email. In the case of the Guardian hack, the SEA posted screenshots of multiple internal security emails, probably from a compromised email address that was overlooked.</li>
</ul>
<p>This story raises a number of questions that management in any organization should be asking:</p>
<p>How easily could the staff of our company fall for a targeted phishing attack? Using Twitter, Facebook, or Google account credentials to sign into websites has become almost the norm today and users do so without thinking about the risks and security repercussions. What would happen if users received a faked password reset email that asked them for their credentials? Would they believe it? Have you tried or considered testing your staff with a controlled phishing exercise? Do you think education is enough or do you need specific tools to ensure employees are protected against these types of phishing attacks? Leave a comment below and let us know.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/how-to-protect-your-twitter-account-from-targeted-phishing-attacks/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Who’s about to go crazy this March Madness?</title>
		<link>http://www.gfi.com/blog/whos-about-to-go-crazy-this-march-madness/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=whos-about-to-go-crazy-this-march-madness</link>
		<comments>http://www.gfi.com/blog/whos-about-to-go-crazy-this-march-madness/#comments</comments>
		<pubDate>Wed, 13 Mar 2013 17:48:24 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[bandwidth]]></category>
		<category><![CDATA[Bandwidth bottlenecks]]></category>
		<category><![CDATA[Internet usage]]></category>
		<category><![CDATA[IT administrator]]></category>
		<category><![CDATA[March Madness]]></category>
		<category><![CDATA[productivity]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[security software]]></category>
		<category><![CDATA[web filtering]]></category>
		<category><![CDATA[web security]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=10393</guid>
		<description><![CDATA[Is it your IT administrator who needs to sort out all of the bandwidth issues? Is it your employees who want to access work-related resources on the web and cannot because of people streaming March Madness games? The NCAA Men’s &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2013/03/March-Madness.jpg"><img class=" wp-image-10394 alignright" style="margin: 10px; border: 0px solid black;" title="March Madness" alt="" src="http://www.gfi.com/blog/wp-content/uploads/2013/03/March-Madness-300x300.jpg" width="216" height="216" /></a>Is it your IT administrator who needs to sort out all of the bandwidth issues? Is it your employees who want to access work-related resources on the web and cannot because of people streaming March Madness games?<span id="more-10393"></span></p>
<p>The NCAA Men’s Division 1 Basketball Championship, AKA “March Madness”, is a major distraction in U.S. workplaces every year. The tournament kicks off March 19, with the busiest tournament days occurring on Thursday, March 21 and Friday, March 22 during standard business hours (beginning at 9am ET).</p>
<p>It’s only natural that employees’ level of interest is high when there is so much focus on the tournament in such a short span of time. Employees who are following the tournament closely are highly likely to turn to the Internet to stay up-to-date on the latest news and scores. With so many websites available to follow the tournament, it is very common for employees to watch live streams of games, listen to audio commentaries, view game highlights on ESPN and others, search for the latest results and stories, and participate in other related activities while at work – all of which are likely to cause a significant disturbance in three ways:</p>
<h3><strong>Bandwidth bottlenecks</strong></h3>
<p>With multiple users streaming content simultaneously, the available bandwidth is easily taken up. This can have a severe impact on other applications which are dependent on the Internet, such as VoIP, CRM, email and other cloud and Internet-enabled applications. Typical streaming content consumes 10Mb of data per minute. Multiply that by a significant number of employees and you can see why a bandwidth spike creating a bottleneck is inevitable.</p>
<h3><strong>Productivity loss</strong></h3>
<p>With games held during regular business hours, many users will be following results as they happen. This major distraction could severely impact productivity over the course of the tournament.</p>
<h3><strong>Security problems</strong></h3>
<p>Hackers have always used high interest stories and trending topics as lures to infect users’ machines. March Madness is no different, and it is almost certain that cybercriminals will use the tournament to trick unsuspecting users into falling for fake websites, SEO poisoning, phishing and other malicious scams.</p>
<p>To manage these problems, companies need to be prepared to enforce Internet usage and web filtering best practices, including:</p>
<ul>
<li>Informing and educating employees about the effects associated with March Madness and giving them browsing tips that will help to address these challenges – e.g. advising users to avoid streaming live games, to be cautious of which websites they visit and to avoid clicking on links that come from an unfamiliar source.</li>
<li>Implementing web security software that:
<ul>
<li>Automatically blocks malicious websites and ensures any websites visited are free of malware. A point to note is that an anti-virus engine alone is not enough to stop all threats – a dedicated web security engine is now also a must.</li>
<li>Allows you to define bandwidth quotas, such as limiting downloads from streaming media websites to 100Mb a day, and limiting visits to news, media and sports sites to 30 minutes per day.</li>
<li>Blocks websites which could pose legal liabilities, such as gambling websites.</li>
</ul>
</li>
<li>Setting up action-based alerts to anticipate problems before they develop and to take the necessary action to immediately remediate issues as they arise.</li>
</ul>
<p>Allowing employees to follow March Madness activity in the workplace can boost employee productivity, motivation and morale in the long run – but their web browsing has to be controlled. Uncontrolled usage of the Internet can result in serious issues, not just during the March Madness tournament but throughout the year. Luckily, there are advanced tools available to help IT balance the negative impacts of non-work related browsing with the need for employees to take a break, de-stress and stay motivated.</p>
<p>If you’re interested in a good web filtering solution, take a look at <a href="http://www.gfi.com/internet-monitoring-software?adv=13558&amp;loc=14">GFI WebMonitor</a>.</p>
<p>You can download a <a href="http://www.gfi.com/pages/webmon-selection-download.asp?adv=13558&amp;loc=28">free trial</a> for 30 days. It’s worth a try!</p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/whos-about-to-go-crazy-this-march-madness/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Control the Harlem Shake in Your Business</title>
		<link>http://www.gfi.com/blog/control-the-harlem-shake-in-your-business/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=control-the-harlem-shake-in-your-business</link>
		<comments>http://www.gfi.com/blog/control-the-harlem-shake-in-your-business/#comments</comments>
		<pubDate>Mon, 04 Mar 2013 17:31:18 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[bandwidth]]></category>
		<category><![CDATA[bandwidth consumption]]></category>
		<category><![CDATA[Gangnam Style]]></category>
		<category><![CDATA[GFI WebMonitor]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Harlem Shake]]></category>
		<category><![CDATA[Internet connection]]></category>
		<category><![CDATA[malware]]></category>
		<category><![CDATA[malware infection]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[Web Filter]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=10362</guid>
		<description><![CDATA[The latest craze to go viral on the web is the dance song Harlem Shake, with hundreds, if not thousands of people, gathering in costume to do ‘the shake’ in every conceivable space. Harlem Shake follows hot on the heels &#8230;]]></description>
				<content:encoded><![CDATA[<p>The latest craze to go viral on the web is the dance song <a href="http://www.youtube.com/results?search_query=harlem+shake">Harlem Shake</a>, with hundreds, if not thousands of people, gathering in costume to do ‘the shake’ in every conceivable space.</p>
<p>Harlem Shake follows hot on the heels of another Internet ‘sensation’ – <a href="http://www.youtube.com/results?search_query=gangnam+style">Gangnam Style</a>; a song and dance routine that racked up over one billion hits on YouTube.</p>
<p>Although Gangnam Style has spawned hundreds of similar video clips, Harlem Shake seems to be a different animal altogether with people across the world organizing their own Harlem Shake events and videos and then uploading to YouTube and other social media sites like Facebook, Twitter and Instagram. According to the Globe and Mail in Australia, up to 4,000 videos of Harlem Shake variations are uploaded to the Internet daily.<span id="more-10362"></span></p>
<p>The Harlem Shake continues to grab headlines and although for many it is harmless fun, you do not want to run afoul of any law or policy, especially in the workplace. The hilarious performance by <a href="http://www.theglobeandmail.com/news/world/australian-miners-fired-for-harlem-shake-performance-inside-gold-mine/article9255622/">a group of miners in Australia</a> brought a smile to many, but their bosses didn’t find it funny at all. They were fired from their high-paying jobs after the performance was deemed a safety hazard. Ouch!</p>
<p>These viral videos are a big headache for IT administrators. Everyone loves a good laugh and respite during work but when you have a few hundred employees watching Gangnam and Harlem clips throughout the day, you have a problem on your hands.</p>
<p>Bandwidth is a very precious and expensive resource for a company and streaming media has a huge impact on the corporate network. Let’s look at the figures and calculate the impact on bandwidth of streaming a single viral video.</p>
<p>The first hit on YouTube is a 5:30 compilation video of Harlem Shakes. An average one minute of video stream from YouTube is approximately 10Mb of data. At one point, you have 25 employees who are watching it:</p>
<p>25 users * 10MB * 5.5 minutes = 1,375MB in five minutes!</p>
<p>Employees take Internet access and browsing for granted and they often forget the multiplier effect when using bandwidth heavy websites at the office. YouTube, for example, with its artist playlists covering every musical taste, encourages its use as a personalized radio. Online radio is also commonly used by employees for their daily dose of favourite radio shows and music.</p>
<p>Recalculating the amount of bandwidth consumed:</p>
<p>25 users * 10MB * 60 minutes * 5 hours = 75,000MB</p>
<p>75GB! And you wonder why your Internet is somewhat slow? The reality is most people forget to turn off the stream when they leave their desks.</p>
<p>Email, video and teleconferencing, VoIP, instant messaging, VPNs, apart from browsing, are part and parcel of our daily lives – so much so that we simply expect things to work. Employees in a company are of the same mindset. They expect a fast Internet connection and anything slower than what they are used to, at home, for example, is totally unacceptable and results in a constant flow of complaints when the connection is slow or not working well. It’s then up to the administrator to figure out a solution to a problem that employees are the cause of themselves.</p>
<p>If you are an IT admin or senior executive with your eye on the expenses sheet, what can you do?</p>
<h2><strong>Bandwidth quotas – A GFI® success story</strong></h2>
<p>Many web filters today allow admins to set bandwidth quotas. In the example given above, we don’t need to enforce a percentage quota of, say, 10% of available bandwidth at any given moment, because this won’t have any effect (streaming media won’t consume 10% of available bandwidth by any single person). The problem is the cumulative effect of the stream. You would need to introduce bandwidth quotas by volume.</p>
<p>The introduction of a 100MB quota per day in our offices, using the standard functionality of GFI WebMonitor®, reduced the bandwidth consumed by streaming media by 66%. The screenshots below show downloads from “Streaming Media” totalled 131GB in January but only 45GB for the month of February when quotas were introduced. The great thing about quotas is that with reasonable usage of YouTube for office related purposes, an employee is unlikely to hit the quota in a day. If they do, an exception can be applied to give them a higher quota.</p>
<p>If your bandwidth costs are calculated based on usage, you can quickly see how quotas can save you quite a lot of money too!</p>
<p>January Streaming Media Usage:</p>
<p style="text-align: center;"><a href="http://www.gfi.com/blog/wp-content/uploads/2013/03/Bandwidth-1.jpg"><img class="size-medium wp-image-10363 aligncenter" title="Bandwidth-1" alt="" src="http://www.gfi.com/blog/wp-content/uploads/2013/03/Bandwidth-1-300x145.jpg" width="300" height="145" /></a></p>
<p>February Streaming Media Usage:</p>
<p><a href="http://www.gfi.com/blog/wp-content/uploads/2013/03/Bandwidth-2.jpg"><img class="aligncenter size-medium wp-image-10364" title="Bandwidth-2" alt="" src="http://www.gfi.com/blog/wp-content/uploads/2013/03/Bandwidth-2-300x143.jpg" width="300" height="143" /></a></p>
<p>Streaming of viral videos like the Harlem Shake, Gangnam Style, and other streaming media can have a negative impact on the corporate network. IT admins should not forget the threat of a malware infection because these trends are picked up on by hackers who entice users to visit their infected sites.</p>
<p>With a web filter in place, along with quotas, IT admins can improve the quality of their Internet connection, keep the workforce happy and malware at bay. If you have seen a drastic change in bandwidth consumption over the past month or so, it pays to have the tools to check what is going on and take action to solve the problem before it gets worse.</p>
<p>If you’re interested in bandwidth quotas and web filtering, take a look at <a href="http://www.gfi.com/internet-monitoring-software?adv=13558&amp;loc=14">GFI WebMonitor</a>.</p>
<p>You can download a <a href="http://www.gfi.com/pages/webmon-selection-download.asp?adv=13558&amp;loc=28">free trial</a> for 30 days. It’s worth a try!</p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/control-the-harlem-shake-in-your-business/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>What the hack?</title>
		<link>http://www.gfi.com/blog/what-the-hack/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=what-the-hack</link>
		<comments>http://www.gfi.com/blog/what-the-hack/#comments</comments>
		<pubDate>Fri, 01 Mar 2013 16:56:16 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[advanced persistent threats]]></category>
		<category><![CDATA[Apple]]></category>
		<category><![CDATA[attacks]]></category>
		<category><![CDATA[Big Mac]]></category>
		<category><![CDATA[Burger King]]></category>
		<category><![CDATA[cyber attacks]]></category>
		<category><![CDATA[facebook]]></category>
		<category><![CDATA[hack]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[PlayStation® hack]]></category>
		<category><![CDATA[The New York Times]]></category>
		<category><![CDATA[twitter]]></category>
		<category><![CDATA[user data]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=10355</guid>
		<description><![CDATA[The past few months have been characterised by a number of high-profile hack attacks. What the hack is going on? (Pardon the pun!) Quite a few things actually: 1. Facebook and Apple® Two of the most recent high profile hacks were &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2013/03/clarkson-spammers-twitter.jpg"><img class="alignright size-medium wp-image-10356" style="border: 0px solid black; margin: 10px;" title="clarkson-spammers-twitter" alt="" src="http://www.gfi.com/blog/wp-content/uploads/2013/03/clarkson-spammers-twitter-300x203.jpg" width="300" height="203" /></a>The past few months have been characterised by a number of high-profile hack attacks. What the hack is going on? (Pardon the pun!) Quite a few things actually:<span id="more-10355"></span></p>
<h2><strong>1</strong>. <strong>Facebook and Apple®</strong></h2>
<p>Two of the most recent high profile hacks were those targeting Facebook and Apple employees. Although it has been reported as a hack, it looks more like a malware attack.</p>
<p>The result? Those computers that had Java plugins with vulnerabilities were infected.</p>
<p>The lesson to be learned? Do yourself a favour and <a href="https://www.google.com/search?q=disable+java+plugin">disable the Java plugin</a> in your browser. Trust me, you probably don’t need that plugin anyway. Tools such as <a href="http://www.gfi.com/internet-monitoring-software?adv=13558&amp;loc=14">GFI WebMonitor®</a> (used to block malware) and <a href="http://www.gfi.com/network-security-vulnerability-scanner?adv=13558&amp;loc=9">GFI LanGuard®</a> (which patches vulnerabilities in OSs and software) help mitigate the risk of these types of attacks.</p>
<p>Vulnerability exploits are among the most prolific forms of attack on the web right now, and if you, as an IT Administrator, haven’t included them as part of your plan, you should – now. Don’t wait until your company becomes the next victim. After all, if Facebook and Apple employees’ machines were infected…</p>
<h2><strong>2. </strong><strong>The</strong><strong> New York Times (and other cyber attacks)</strong></h2>
<p>Cyber-espionage and state-sponsored cyber attacks appear to be on the increase lately. Various nations have dedicated experts whose role is to find weaknesses in other countries’ systems or company networks and launch attacks to gain access and/or steal information.</p>
<p>These attacks are far more sophisticated than those attacks on Facebook and Apple. They are known as <a href="http://en.wikipedia.org/wiki/Advanced_persistent_threat">Advanced Persistent Threats</a> and are a concerted effort to get to a company&#8217;s data. These attacks can be passive, that is they are silent attacks and just reside on the system, and “listen” to information which they then use to their advantage. Or they can be active, whereby attempts are made to disrupt the infrastructure, communications, power-generation and distribution.</p>
<h2><strong>3. </strong><strong>Twitter</strong><strong> Accounts</strong></h2>
<p>On many occasions, Twitter accounts are hacked because a weak password is compromised. Celebrities are the usual target because they typically have millions of followers, giving hackers far greater benefits when they obtain access to the account. <a href="http://www.theregister.co.uk/2013/02/19/burger_king_twitter_hijack/">Burger King® was the victim of this type of hack</a> just for the “lulz” (a harmless prank with no malicious intent). In this case, the hack resulted in the rival Big Mac being advertised on Burger King’s Twitter account. Their account was likely hacked because the password was “whopper123”.</p>
<p>Well-known TV presenter and journalist Jeremy Clarkson also fell victim to an attack by a spammer. His account was used to market a diet website. Reacting in typical Clarkson style, he tweeted “I have been hacked by spammers. Luckily I have acquired a special set of skills over many years. I will find them. And I will kill them”. On a more practical level, choosing a strong password and ensuring applications are not allowed to connect to a Twitter account would have prevented this from happening in the first place.</p>
<p>So how can you counter these attacks? Simple: make sure all your teams are using complex passwords for their social media accounts.</p>
<h2><strong>4. </strong><strong>Leaked user data</strong></h2>
<p>This hack can do serious damage to a company’s brand. Do you remember the PlayStation® hack and the harm it did to the brand? It certainly won’t be forgotten anytime soon.</p>
<p>Protecting a company or network against these attacks requires a strategy, not just a quick fix. Start with basic spot checks to determine if you are encrypting user data, credit cards and passwords. Then check if your content management system is up-to-date. Have you had someone perform penetration testing of your system to see if they can gain access to your precious data?</p>
<p>Even if your company is relatively “small” it doesn’t make it less attractive to attackers. There is a growing black market which thrives on attacking small businesses because these businesses cannot provide the same level of network security as larger businesses can.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/what-the-hack/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Stopping the Spread of Malware</title>
		<link>http://www.gfi.com/blog/stopping-the-spread-of-malware/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=stopping-the-spread-of-malware</link>
		<comments>http://www.gfi.com/blog/stopping-the-spread-of-malware/#comments</comments>
		<pubDate>Tue, 30 Oct 2012 15:00:23 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[anti-spam]]></category>
		<category><![CDATA[anti-virus]]></category>
		<category><![CDATA[CMS]]></category>
		<category><![CDATA[Google WebMaster Tools]]></category>
		<category><![CDATA[IT admins]]></category>
		<category><![CDATA[malicious software]]></category>
		<category><![CDATA[malware]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[third party plug-ins]]></category>
		<category><![CDATA[Tracking Malware]]></category>
		<category><![CDATA[web security]]></category>
		<category><![CDATA[website owners]]></category>
		<category><![CDATA[Windows]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=9737</guid>
		<description><![CDATA[We may think that stopping the spread of malicious software is the job of security system vendors. There are, however, a number of things we can do to prevent malware from spreading and causing damage. Let&#8217;s look at a few &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2012/10/Stop-Malware.jpg"><img class=" wp-image-9739 alignright" style="border: 0px solid black; margin: 10px;" title="Stop Malware" src="http://www.gfi.com/blog/wp-content/uploads/2012/10/Stop-Malware-300x226.jpg" alt="" width="270" height="203" /></a>We may think that stopping the spread of malicious software is <em>the job</em> of security system vendors. There are, however, a number of things we can do to prevent malware from spreading and causing damage. Let&#8217;s look at a few simple ones.<span id="more-9737"></span></p>
<h2>The inadvertent source &#8211; website owners</h2>
<p>Do you own or run a website? Do you develop websites for friends, family or clients? Are you sure that any of these websites you own or manage do not host malicious content? Hackers often use websites that are not maintained or are configured incorrectly as a host for malware. As a result, you may be inadvertently giving your Internet readers more than they bargained for – or wanted in the first place.</p>
<p>How can you prevent this from happening? There are several steps to take:</p>
<p>1. Always use the latest version of the content management system (CMS). Whether you are using OpenCMS, Joomla, WordPress, Drupal, Magento, DotNetNuke, Kentico, or any other popular CMS, ensure it is fully patched and updated so that vulnerabilities are kept to a minimum.</p>
<p>2. Use the latest version of third party plug-ins (such as forums, shopping carts, newsletters, templates). Just like your CMS, plug-ins may have vulnerabilities. By running the latest versions, you greatly reduce the risk that these vulnerabilities can be exploited.</p>
<p>3. Ask your host to help you secure your website.</p>
<p>4. Use Google WebMaster Tools to monitor your website’s health. Google WebMaster Tools will advise you immediately if your website is infected with malware.</p>
<p>5. Do not make use of pirated content management systems, templates, plug-ins, or anything coming from unreliable sources. These may carry malicious code and the price you pay is often far higher than if you had to purchase the original software.</p>
<p>Websites using old software are a primary source of infection on the web. Vulnerabilities in old software versions are exploited to infect visitors to your website. At times, even opening a website is enough for a machine to be infected – no download or user interaction is necessary. There are several tools that facilitate the exploitation of these security loopholes.</p>
<h2>The middleman &#8211; IT admins</h2>
<p>IT admins have many tools at their disposal to ensure safe and secure browsing for users. Traditional security mechanisms, such as firewalls and anti-virus software, whilst important, are simply not enough.</p>
<p>Let&#8217;s look at how these can help:</p>
<p>1. Use a corporate anti-virus solution to protect all your endpoints.</p>
<p>2. Use Web security software to block security threats before they reach your users.</p>
<p>3. Use anti-spam and email security software.</p>
<p>4. Use vulnerability assessment and patch management software to keep all software updated and patched.</p>
<p>All these solutions are available in different delivery models &#8211; on-premise, cloud or hybrid. The best solution is that which fits your needs and IT environment.</p>
<h2>The victims</h2>
<p>Computer users can also take steps to ensure they are not the victim of a malware attack. First, make sure that potentially vulnerable computer software is updated; closing holes makes it harder for a threat to cause damage. It only takes a couple of minutes to install software updates. When you are prompted to do so, resist the temptation to click “ignore” or “later”. It takes longer to remove an infection or to format a machine.</p>
<p>There are other actions to take too:</p>
<p>1. Enable Windows® updates as these will address commonly exploited bugs on your computer.</p>
<p>2. Enable the Java browser plug-in ONLY if you need it. The Java plug-in is one of the biggest threats to your machine. Use the latest browsers, such as Chrome, which will allow you to enable the plug-in if and when necessary.</p>
<p>3. Make sure Adobe Reader and Flash are always updated, and that auto-updates are enabled.</p>
<p>4. Uninstall ALL browser plug-ins that you don’t really need, to keep your browser lean and clean.</p>
<p>5. Keep other browser plug-ins updated. If they aren’t, only enable them when you fully trust the website you are visiting.</p>
<p>6. Do not switch off or disable auto-updates on any software as these exist for a very valid reason. Software vendors provide updates to ensure you have the most stable and secure version of their software.</p>
<p>7. Do not use pirated software as this is often booby-trapped.</p>
<h2>Tracking Malware in the Wild</h2>
<p>Stopbadware.org have created a fun <a href="http://www.youtube.com/watch?v=tqM3D83GBRE&amp;feature=player_embedded">video on malware</a>. It conjures up images of the late Steve Irwin, creating a “Crocodile Hunter-style” explanation of “Tracking Malware in the Wild”.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/stopping-the-spread-of-malware/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>7 Reasons Why Software Solutions Are Ideal For SMBs</title>
		<link>http://www.gfi.com/blog/7-reasons-why-software-solutions-are-ideal-for-smbs/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=7-reasons-why-software-solutions-are-ideal-for-smbs</link>
		<comments>http://www.gfi.com/blog/7-reasons-why-software-solutions-are-ideal-for-smbs/#comments</comments>
		<pubDate>Thu, 04 Oct 2012 15:37:23 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[back up]]></category>
		<category><![CDATA[costs]]></category>
		<category><![CDATA[software]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=9928</guid>
		<description><![CDATA[You’re looking for a product that suits your company’s budget and requirements and the first question that will go through your head is “should I opt for software or get a hardware solution?” Both software and hardware have their advantages &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2012/12/7-Reasons-Why-Software-Solutions-Are-Ideal-For-SMBs.jpg"><img class="alignright  wp-image-9953" style="border: 0px solid black; margin: 10px;" title="7 Reasons Why Software Solutions Are Ideal For SMBs" src="http://www.gfi.com/blog/wp-content/uploads/2012/12/7-Reasons-Why-Software-Solutions-Are-Ideal-For-SMBs-300x300.jpg" alt="" width="192" height="192" /></a>You’re looking for a product that suits your company’s budget and requirements and the first question that will go through your head is “should I opt for software or get a hardware solution?” Both software and hardware have their advantages and disadvantages and it all depends on what the IT manager is looking for and why. For small and medium businesses (SMBs), known to have budget restrictions and technical resource limitations, software is often seen to be the best choice.</p>
<p>There are situations when hardware fits the bill, but there are seven reasons why software in most cases comes up trumps:<span id="more-9928"></span></p>
<h2>1. Software costs less</h2>
<p>In most cases hardware solutions are more expensive than software products. The price of the appliance includes the costs of manufacturing, storage, delivery, defects, supply chain and all the other related expenses for a piece of hardware to go from drawing board to retail shelf. Act with caution if you’re offered a low cost hardware appliance – you may not be getting the quality and components you need.</p>
<h2>2. Software can live side-by-side with other software</h2>
<p>Many organizations now have virtualization as a core component of their IT infrastructure, giving them the added benefit of getting the most bang for their buck from their hardware. You can easily have several software products on the same hardware, or even on the same server installation. Hardware appliances, on the other hand, are limited to a very specific purpose. This makes software solutions and virtualization ideal for SMBs, who often need to be flexible.</p>
<h2>3. Software is easier to back up</h2>
<p>A software solution is very easy to back up and restore. If something goes wrong, bring out that tape and restore to your last backup point. You can’t do this with hardware appliances.</p>
<h2>4. Software is much easier to upgrade</h2>
<p>When you use hardware, you are stuck with the appliance&#8217;s specifications for the duration of its shelf life. What happens if your logs outgrow the storage space on the hard disk of the appliance? What happens if your company grows or shrinks? Software can be installed on almost any hardware, and then upgraded accordingly. You can deploy on multiple installations, or on multiple servers, when needed. You do not need to plan and buy large hardware “just in case”. When you outgrow your installation you can upgrade your server or scale-out, and in this way your old hardware won’t be thrown away; it will simply be repurposed.</p>
<h2>5. Software is much easier to deploy</h2>
<p>A lot of software requires few, if any, infrastructural changes to be deployed. Hardware appliances require more effort, including occasional infrastructural changes such as increased rack space, additional power, more cabling, etc.</p>
<h2>6. Software is easier and cheaper to deploy across multiple branches</h2>
<p>You don’t need to buy an additional appliance for each branch of your organization, and for seat-based installations you can have as many installations as you like.</p>
<h2>7. Logistics</h2>
<p>Software can be downloaded and installed. You don’t need to wait for the delivery of the appliance, struggle to get it through customs if delivered from another region, or return the product if it has a defect. Software even offers trial licenses to allow you to &#8220;try before you buy&#8221;.</p>
<p>There will always be occasions when a hardware appliance makes more sense, particularly if it’s a standard for the tech industry. That said, when you weigh the overall benefits, especially functionality, ease of use and costs, software is often the better option. As always, SMBs would do well to shop around and do their homework first before making a decision.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/7-reasons-why-software-solutions-are-ideal-for-smbs/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Take back Control of Your Bandwidth</title>
		<link>http://www.gfi.com/blog/take-back-control-of-your-bandwidth/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=take-back-control-of-your-bandwidth</link>
		<comments>http://www.gfi.com/blog/take-back-control-of-your-bandwidth/#comments</comments>
		<pubDate>Fri, 18 May 2012 14:00:53 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[bandwidth]]></category>
		<category><![CDATA[Bandwidth dashboards]]></category>
		<category><![CDATA[Bandwidth Hogging]]></category>
		<category><![CDATA[block streaming media]]></category>
		<category><![CDATA[downloads]]></category>
		<category><![CDATA[GFI WebMonitor]]></category>
		<category><![CDATA[streaming media]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=8640</guid>
		<description><![CDATA[It is a well known fact that IT Administrators are one of the least recognized and appreciated roles in a company. It is certainly true that people are quick to whine and fret when something is not working, but nobody &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2012/05/Take-back-Control-of-Your-Bandwidth.jpg"><img class="alignright size-full wp-image-8642" style="border: 0px solid black; margin: 10px;" title="Take back Control of Your Bandwidth" alt="" src="http://www.gfi.com/blog/wp-content/uploads/2012/05/Take-back-Control-of-Your-Bandwidth.jpg" width="350" height="248" /></a>It is a well known fact that IT Administrators are one of the least recognized and appreciated roles in a company. It is certainly true that people are quick to whine and fret when something is not working, but nobody calls to say “thanks” when everything is running smooth.</p>
<p>One of the most common complaints that IT administrators receive is that the Internet is slow. But no one seems willing to understand is that it is not your fault that the Internet is slow. In fact, the problem is not a lack of bandwidth, but is instead caused by the existing bandwidth being used inefficiently, or by it being eaten up by high bandwidth, non-work related websites.<span id="more-8640"></span></p>
<h2>Take back control with GFI WebMonitor</h2>
<p>You can stop those annoying phone calls and questions as to why the Internet is slow by using GFI WebMonitor. This software has a number of great features that allow you to control your Internet connection to ensure fair use for everybody.</p>
<p>So what exactly can GFI WebMonitor offer you?</p>
<p><strong>1. The real-time termination of large downloads</strong> – Did the CEO call you complaining that he can’t access his stock portfolio because everything is slow? If it wasn’t slow until a while ago, you can log into GFI WebMonitor and see if someone is downloading a massive file that is hogging your bandwidth. Your company’s IT policy states that large files should be downloaded after office hours. So your solution has just three simple steps: you kill the download connection using GFI WebMonitor; you call the CEO and tell him that the problem is solved; then you call the user and share your thoughts about bandwidth use with them.</p>
<p><strong>2. Bandwidth quotas –</strong> Before you overreact and institute a company-wide block on YouTube, take a look at why it is being accessed. If users have made YouTube their radio channel, it can quickly become a serious problem. The solution is simple: GFI WebMonitor allows you to set bandwidth quotas which give each user a daily usage limit on video streaming websites like YouTube. For greater flexibility, different quotas can even be applied to different departments.</p>
<p><strong>3. Blocking of bandwidth hogging websites</strong> – Some websites are simply a waste of bandwidth. The infamous MegaUpload used to boast that it received four percent of the Internet’s traffic with 50 million daily users. Many of those were corporate users and, although it is now shut down, there are many similar websites that are being used. Even the legitimate use of ones such as the popular DropBox can be bandwidth hungry. These sites can quickly overwhelm your connection, so blocking them or implementing quotas will ensure nobody is slowing the company down by downloading tonight’s HD movie over the corporate network.</p>
<p><strong>4. Block streaming media within websites</strong> – Some websites, such as sports sites and news sites, stream a considerable amount of video as part of their content. Once again, these streams can quickly overwhelm a connection. Certainly we are sure to see a spike in media website usage with the upcoming London Olympics and Euro 2012. With GFI WebMonitor you can block the stream without blocking the website itself, thereby saving vital bandwidth.</p>
<p><strong>5. Bandwidth consumption alert</strong> – The above are all great features, but maybe you just want to allow people to monitor themselves. However, you still need to be able to enforce policy on those that don’t play by the rules. But what can you do? Monitor the connection constantly? GFI WebMonitor features real-time graphs that allow you to set up notifications based on specific criteria. For example, you can set the software to alert you when someone has consumed 500MB of downloads in an hour, or more than 5GB in a day, as these are obviously anomalous situations. You will be advised via email and you can then handle the situation on a case-by-case basis.</p>
<p><strong>6. Bandwidth dashboards and scheduled reports</strong> – GFI WebMonitor features easy-to-use bandwidth-specific dashboards and bandwidth-only reports. This allows you to quickly analyze usage trends, commonly visited sites, prolific users, peak usage times, projected downloads and uploads and many, many more variables to give you a complete picture of what is going on in your network.</p>
<p style="text-align: center;"><a href="http://www.gfi.com/blog/wp-content/uploads/2012/05/dashboardbandwidth-21162.png"><img class="size-full wp-image-8641 aligncenter" style="border: 0px solid black; margin-top: 10px; margin-bottom: 10px;" title="dashboardbandwidth-21162" alt="" src="http://www.gfi.com/blog/wp-content/uploads/2012/05/dashboardbandwidth-21162.png" width="488" height="379" /></a></p>
<p>GFI WebMonitor therefore offers you a powerful toolkit to ensure you can apply a fair Internet usage policy across your network, allowing everyone in the company to use critical Internet applications without being bogged down by useless bandwidth demands.</p>
<p><em>Have a look at what GFI WebMonitor can do to improve your network <a href="http://www.gfi.com/internet-monitoring-software?adv=13558&amp;loc=14">web security</a> system, or just <a href="http://www.gfi.com/pages/webmon-selection-download.asp?adv=13558&amp;loc=28">download a free trial</a> and give it a spin!</em></p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/take-back-control-of-your-bandwidth/feed/</wfw:commentRss>
		<slash:comments>8</slash:comments>
		</item>
		<item>
		<title>10 Steps to Gain Effective Web Security</title>
		<link>http://www.gfi.com/blog/10-steps-to-gain-effective-web-security/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=10-steps-to-gain-effective-web-security</link>
		<comments>http://www.gfi.com/blog/10-steps-to-gain-effective-web-security/#comments</comments>
		<pubDate>Wed, 09 May 2012 14:30:24 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[antivirus]]></category>
		<category><![CDATA[blocking websites]]></category>
		<category><![CDATA[Download prevention]]></category>
		<category><![CDATA[IM blocking]]></category>
		<category><![CDATA[malicious websites]]></category>
		<category><![CDATA[phishing]]></category>
		<category><![CDATA[web security]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=8561</guid>
		<description><![CDATA[Achieving comprehensive web security within the organization is not a trivial task. This is especially so for businesses with limited IT budgets, limited manpower, and other practical limitations. Having a good web security setup in place is a challenging feat &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2012/05/10-Steps-to-Gain-Effective-Web-Security.jpg"><img class="alignright size-full wp-image-8562" style="border-image: initial; border-width: 0px; border-color: black; border-style: solid; margin: 10px;" title="10 Steps to Gain Effective Web Security" alt="" src="http://www.gfi.com/blog/wp-content/uploads/2012/05/10-Steps-to-Gain-Effective-Web-Security.jpg" width="360" height="251" /></a>Achieving comprehensive web security within the organization is not a trivial task. This is especially so for businesses with limited IT budgets, limited manpower, and other practical limitations. Having a good web security setup in place is a challenging feat by itself – besides all the other challenges that an IT administrator for a SMB (small and medium businesses) has to face on a daily basis. Here are the 10 main steps you need to take to achieve effective web security:<span id="more-8561"></span></p>
<h3>Step 1: Security at the perimeter</h3>
<p>Rather than depending only on protection at the client side, web security should be handled at the edge/perimeter of the network (just like with your firewall). In this manner you are actually preventing anything malicious from reaching the endpoint – problems are tackled where any risk can be mitigated by keeping it segregated from the internal network.</p>
<h3>Step 2: Antivirus protection</h3>
<p>One of the first steps to achieving web security is scanning of user downloads. The biggest security threat posed by browsing users is when infected files are downloaded to the network. So scan all downloads at the perimeter.</p>
<h3>Step 3: Multiple antivirus engines</h3>
<p>The principle of multiple layers applies to antivirus scanning. Rather than virus scanning using a single antivirus engine, a multiple engine approach is ideal. This is because any single engine can never realistically cover all threats, so with multiple engines you can ensure greater coverage. This is not feasible at the endpoint for performance reasons, but all downloads should be scanned at the perimeter by multiple different anti-virus engines.</p>
<h3>Step 4: Download prevention</h3>
<p>Most users do not need to download and/or install files from the Internet. Allowing them access to download high risk files is an implicit security threat. Thus, as a proactive approach to web security, the IT administrator should actually implement policies which stop users from downloading these specific high risk file types.</p>
<h3>Step 5: Blocking websites by content categories</h3>
<p>It is important to use a web categorization database to block high-risk websites and so prevent access to the potential threats posed by your users’ web usage.</p>
<h3>Step 6: Blocking known malicious websites</h3>
<p>A proactive approach to security would be to automatically block malicious websites – this ensures that users are stopped from accessing such websites in the first place rather than reacting to the malicious content (i.e. hoping the antivirus solution can detect the strain). This proactive approach nullifies any risk that the specific website might present.</p>
<h3>Step 7: Blocking phishing websites</h3>
<p>The costs of a successful phishing attack can be very high – with either direct financial loss (bank or credit card details), or data leakage (confidential information) which would have very large indirect costs. The implementation of an anti-phishing engine is therefore essential.</p>
<h3>Step 8: IM blocking</h3>
<p>Allowing the uncontrolled use of IM (Instant Messaging) clients means introducing significant risk to the organization – and thus policies should be in place to ensure IM is only used if necessary and for reasons clearly outlined by a policy for IM use.</p>
<h3>Step 9: Blocking via Web Reputation</h3>
<p>Despite the implementation of the above mechanisms, most of the above features rely on detection of an existing threat. Web Reputation is a prediction of the threat that a particular website might pose in the near future. The concept of reputation is that of analyzing a website to determine whether a specific site poses a potential security risk; if that would be the case, then it can be blocked before it actually becomes a threat.</p>
<h3>Step 10: Education</h3>
<p>Although systems can help mitigate risks, no security system is 100% safe and the responsibility of web security remains with the end user.<br />
Educating users is paramount. The biggest risk to the organization or network is always the end user, so your strongest defense point is to educate them. Unless they understand that they need to be constantly wary when using the Internet, then they will always be a weak point. Users must have a basic understanding of the different types and methods of attack they could be exposed to whilst browsing. They need to learn to treat every link with suspicion, and be responsible for their actions rather than assuming it is solely the responsibility of the software and IT team to protect them. Tech-savvy users might also try to find ways to circumvent your web security measures, if they don’t realize that their actions could cause irreparable damage to the network and the organization.</p>
<p>Ultimately this is probably the toughest challenge; however, the highest level of web security will have been reached once that hurdle is overcome.</p>
<p>With these ten steps in place, and using a web security solution that provides protection against all the above mentioned security risks at a low cost, your network can benefit from effective web security.</p>
<h3>The top five web security traps</h3>
<p>Now that you know what the steps are to gaining effective web security, watch our quick video which outlines five very good reasons to get down to it. It only takes one malicious link, infected download or data breach to compromise the security of your business. To help you get started, here’s some advice for you to share with your network users on five common online security traps.</p>
<p><iframe src="http://www.youtube.com/embed/lWAZI7XwDMk" height="315" width="560" frameborder="0"></iframe></p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/10-steps-to-gain-effective-web-security/feed/</wfw:commentRss>
		<slash:comments>4</slash:comments>
		</item>
		<item>
		<title>2012 &#8211; The End of the World as We Know It?</title>
		<link>http://www.gfi.com/blog/2012-the-end-of-the-world-as-we-know-it/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=2012-the-end-of-the-world-as-we-know-it</link>
		<comments>http://www.gfi.com/blog/2012-the-end-of-the-world-as-we-know-it/#comments</comments>
		<pubDate>Fri, 27 Jan 2012 15:00:15 +0000</pubDate>
		<dc:creator>David Attard</dc:creator>
				<category><![CDATA[SMB Zone]]></category>
		<category><![CDATA[TTTM]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[malware]]></category>
		<category><![CDATA[mobile malware]]></category>
		<category><![CDATA[social engineering]]></category>
		<category><![CDATA[social networks]]></category>
		<category><![CDATA[twitter]]></category>

		<guid isPermaLink="false">http://www.gfi.com/blog/?p=8031</guid>
		<description><![CDATA[December 12, 2012 – the day that’s fated to be the ‘end of the world’. Humbug? Whatever your opinion on the Mayan prophecies, there are more important causes for concern this year that should get you brooding &#8211; particularly in &#8230;]]></description>
				<content:encoded><![CDATA[<p><a href="http://www.gfi.com/blog/wp-content/uploads/2012/01/2012-End-of-the-world.jpg"><img class="alignright size-full wp-image-8032" style="border-width: 0px; border-color: black; border-style: solid; margin: 10px;" title="2012-End-of-the-world" src="http://www.gfi.com/blog/wp-content/uploads/2012/01/2012-End-of-the-world.jpg" alt="" width="350" height="234" /></a>December 12, 2012 – the day that’s fated to be the ‘end of the world’. Humbug? Whatever your opinion on the Mayan prophecies, there are more important causes for concern this year that should get you brooding &#8211; particularly in the world of cybercrime.</p>
<p>So let’s take a look at a few predictions which are more likely to hit the mark:<span id="more-8031"></span></p>
<h2>1. Social Networks</h2>
<p>Social networks are malware creators’ field of opportunity. Why? Think about it: social media users share information (sometimes too personal) with their ‘friends’ and click on their friends’ posts and links without the slightest suspicion that a link might be malicious. They don’t see the link; they see who posted it and associate it with him/her – a friend they trust. This is just what hackers want – victims delivered on a silver platter. There are various methods of stealing social networking logins, gaining access and then using these trusted profiles to send spam email and share other malicious content. We’ve already seen this happen in 2011 with the <a href="http://www.inquisitr.com/177665/facebook-locks-out-45000-accounts-after-ramnit-virus-spreads/">Ramnit virus</a> which was used to steal 45,000 passwords, and it will surely be used more often. Social network details will be <a href="http://www.zdnet.com/blog/facebook/israeli-hacker-posts-8216100000-8242-more-stolen-facebook-logins/7837">sold in the online black market</a>, and will become a much sought after resource leading to more and more attacks.</p>
<p>Along the same lines, celebrity Twitter accounts will also become lucrative targets. With millions of followers, a compromised account could result in millions of victims in a few hours. <a href="http://techland.time.com/2011/12/20/lady-gagas-twitter-account-hacked-17-million-followers-offered-free-ipads/">Lady Gaga was the notorious target in 2011</a>. Who will it be in 2012?</p>
<h2>2. Social Engineering</h2>
<p>Highly targeted social engineering will remain hackers’ top method of attack. Malware creators will design new and highly targeted techniques which will win them their victims’ trust and guide them into giving the information they’re after. We can expect variants of existing techniques to flourish as well.</p>
<p>&nbsp;</p>
<h2>3. Mobile Malware</h2>
<p>What about your mobile device? With so many smartphones around (especially in the business sphere – where people are using these phones to check their work mail even when outside the office), this is a brilliant opportunity for malicious individuals to get information from their victims. And to add insult to injury, few mobile users are aware of the threats. They tend to install any app without reviewing permissions or the small print (or lack of it), making it easy for rogue apps to get onto their devices. There’s definitely going to be more news of adware, spyware and other malware targeting mobile devices this year!</p>
<p>&nbsp;</p>
<h2>4. Topical News</h2>
<p>And while we’re at it, the end-of-the-world predictions (and with them, the Mayan calendar), the London Olympics, the elections in the US, and any other major events will definitely be used to spread more malicious attacks.</p>
<p>&nbsp;</p>
<h2>How can you prevent these threats from turning 2012 into a year that will mark the end of the world for your business?</h2>
<p>&nbsp;</p>
<p>The first and most important step is to educate your employees. You can invest in the best security software and control most of what goes on in your infrastructure, but what about what happens outside work? Who is going to stop an employee from giving out confidential information to malicious sites whilst working from home? Your employees need to understand the danger, and they need to know how to distinguish phishing and malicious mail from genuine email, malicious URLs and downloads from the real thing, and so on.</p>
<p>One way to educate employees is for the IT department and Human Resources to work together to create an acceptable usage policy which employees can refer to. Not only will this document clearly state what is acceptable or not, but it will help employees to understand what threats exist and how their actions can cause problems for the company and for themselves.</p>
<p>&nbsp;</p>
<p>The next step: do not assume that every employee is going to follow policy to the letter or do everything right. You need to complement education with an investment in the right security tools. Even the most cautious of employees can be misled by websites that appear to be genuine. Protect your corporate network by investing in good web monitoring, web filtering and web security solutions; suggest that your employees invest in a good anti-virus solution for their phones; and if those phones are sanctioned by the company, make sure you have the tools in place to implement security and protect the network. Also invest in a comprehensive email security solution.</p>
<p>&nbsp;</p>
<p>Are you seeing any other forms of cybercrime making the headlines this year? Leave us a comment and let us know!</p>
<p>&nbsp;</p>
]]></content:encoded>
			<wfw:commentRss>http://www.gfi.com/blog/2012-the-end-of-the-world-as-we-know-it/feed/</wfw:commentRss>
		<slash:comments>4</slash:comments>
		</item>
	</channel>
</rss>
