Companies invest millions to implement the latest and greatest security tools, yet bad user habits continue to expose them to cyberattacks. Users, it turns out, are the weak link in enterprise security.
According to research from Incogni:
· 74.1% of the company’s user base has heard of antivirus software, yet only 57.6% use it. · Only 31% of internet users have ever used a VPN.
· More than 40% of users are not using Multi-Factor Authentication (MFA)as they believe that it is too cumbersome for them.
· More than 75% of internet users are re-using the same password on many websites at least once. They prefer passwords as short as possible despite the fact that the longer the password, the harder it is to crack.
· Users continue to fall prey to phishing attacks at an alarming rate. Some studies say as many as 20% of users have clicked on a phishing email over the past year.
Clearly, users remain a weak link in enterprise security. Here are some steps to take to guard against user slipups and policy violations:
Implement password managers
Users now have so many logins to so many apps, sites, and systems that manual setting of passwords is no longer workable. Letting users continue to set their own passwords opens the door to password reuse, writing passwords on Post-It Notes, and other security violations.
The inconvenient truth on passwords cracking is that those of eight characters that include upper and lower cases, special symbols, and numbers can be broken within less than a day. Password managers can extend that to 18 characters which is essentially uncrackable. They eliminate the burden of remembering lengthy passwords.
Insist upon Multi-Factor Authentication
Multi-Factor Authentication (MFA) adds an extra layer of user verification beyond a password. A text to a phone number, entering a code, or some other method is used to validate user identity. Though not infallible, MFA cuts down the changes of a breach considerably.
Continue to Use Antivirus
Antivirus gets a bad rap. Yes, it is fallible. Yes, it is somewhat reactive in that virus databases don’t contain the very latest malware signatures as they need to be added to the database. And yes, the technology is never enough on its own. But antivirus
catches a lot of malicious traffic and should always be included as part of the security arsenal. As there are more than a billion
malware strains now in existence, having AV in place guarantees catching a good percentage of the total.
Firewalls Make a Difference
Like AV, firewalls are not enough on their own. But they form one essential element of comprehensive cybersecurity defenses. They can protect systems from malicious connections and unwanted traffic and prevent lateral movement on the network should a breach take place.
Not only are users a weak link, those responsible for enterprise security can also sometimes let the team down if they are overworked or are held back by manual processes. Take the case of patch management. Organizations sometimes take months to deploy urgent patches. Why? Internal IT processes stall patch deployment due to laborious testing protocols, queuing systems that are incorrectly prioritized, or lack of enough manpower to distribute patches throughout the user base.
Patch management automation is the answer. Priority patches should be distributed within hours. IT managers should be able to deploy patches to all systems within a few clicks.
Vulnerability scanning is another weak area within the enterprise. For whatever reason, some businesses only perform a scan at a set period such as once a month. But what happens if a vulnerability appears the day following that scan? Cybercriminals have four weeks to wreak havoc if it is exploited. Like patch management, vulnerability management systems should be automated, should continuously scan, and ideally should have automatic remediation features built in.
Syxsense Enterprise takes care of patch management, vulnerability management, and so much more. It is an advanced enterprise security solution that provides coverage for all devices. It offers complete cross-platform support for Windows, Mac, Linux, iOS, and Android devices, with mobile device management (MDM) included at no additional cost. Those managing it within IT can do so without the need for coding due to an extensive library of pre-built Cortex remediation workflow templates that can be deployed at the push of a button.