No matter how many times your IT staff tells employees not to download any software and no matter how many policies and employee handbooks, it is inevitable, an employee is going to put your network at risk by bending or breaking those rules. Malicious software, otherwise known as malware, lurks in all kinds of places, especially in the web browser and email, ready to infect the next network that comes along.
In many small and medium companies, the IT support team tends to be very small. There is no way they can keep up with all of the potential malware attacks lurking behind every internet corner. Malware prevention can be accomplished by having good cyber sense, but unfortunately, that’s not always the case with every employee. You will always find that one employee who NEEDS to access their social media accounts, or who secretly plays addictive computer games, or who inadvertently gained access to a website that poses a risk.
Here are six different personalities in your business who make your network vulnerable to malware and how you can mitigate the risk:
1. The one person with a loophole
Yes, the employee handbook has a very strict rule about using company computers for personal use. The time at work is not meant for social media, personal email, or the latest online game since Candy Crush. However, there’s always one or two people in the company who will break the rules because they can.
When a user can exempt themselves from the company policy, they put your network at risk, especially if they have admin rights (they shouldn’t, ever!). And when employees use their computer as they see fit, they will likely make their machine vulnerable causing a weakness in your network which will allow malware to infiltrate the systems and wreak havoc.
2. The one who opens the email from the African prince
Everyone has received the email from the African prince who needs money for his community. If you haven’t, you’re one of the lucky few. However, there is a possibility someone within your organization is not very tech savvy or really gullible.
If by any chance this person happens to stumble upon an email from the IRS stating you or the company owes them money and is directed to click on a link in an email, your network is in trouble. Hackers are hoping there is someone within your organization who is gullible enough to click that link, and chances are, there’s always that someone.
GFI MailEssentials filters out SPAM with potential malware threats before they hit your email server. By getting to these emails early, they are less likely to hit the gullible employee’s inbox, giving you some peace of mind.
3. The person who believes everything they see
It’s very likely that someone within the organization wants to fix their slow computer themselves without consulting with the IT department. Maybe they don’t want to disclose they have been perusing websites containing adult content and they have potentially contracted something nasty. Instead of admitting they broke company policy, they think they can fix the problem themselves.
Unfortunately, they believe everything they see online or are desperate to find a quick fix. As the employee uses their search engine to find the latest free malware security software, the employee clicks on a download which makes matters worse.
Keeping an eye on every computer in your network is a lot of work. You can simplify your visibility by looking into security products like Kerio Control which creates restrictions for potential threats found on the web. You can even zero in on the employee looking for adult content during business hours.
4. The one who says your antivirus slows them down
Your antivirus could take up quite a bit of RAM when it is running. The impatient employee who wants their computer to run at super speed will find themselves disabling the antivirus, making their machine susceptible to malware.
All hackers need is one small little loophole to enter into the system. Just as we learned with Meltdown and Spectre scenario, vulnerabilities exist even when we think we have the best protection. By disabling the antivirus, that computer becomes more of an easy target.
5. The one who is too busy to patch
We know IT professionals are busy and overworked. As soon as one printer breaks, it seems the rest of the company is about to go up in flames. Ensuring all of the machines at your place of business is up to date is a tough task.
Patching is one of the best ways to close vulnerabilities that worms and other malware exploit. Leaving a system unpatched is tempting fate.
Utilizing a product like GFI LanGuard will simplify your patching process greatly. Not only will you be able to get a look at all of the equipment and apps on your network but you can deploy patches from one main center to as many devices needed, even remotely. As always, we advise to first deploy patches in your test environment before deploying to the whole network.
6. The person with bad cyber hygiene
This person just does not give a care about their computer. They are there to work but think it’s OK to head to their favorite social media outlet and spend hours mindlessly reading status updates. Or they want to stream a video or podcast from their favorite celebrity to listen to while working. Or how about the latest episode of Walking Dead from some torrent site which always turns their machine into a zombie?
No matter how many times this person has contracted malware on their computer, they continually do the same thing over and over. They simply have bad cyber hygiene. They want to do what they want to do, no matter the cost.
These six personalities exist in almost every workplace. The good news is that GFI Software has several solutions to keep these employees from sabotaging your network.