Plan your Hack-Safe Infrastructure
We know that the way we work has changed: it is mobile, it is digitally collaborative and it is increasingly reliant on cloud-based systems. At the same time, digital risks have changed. Cyber attacks now increasingly target these new modes of work – and the security measures like firewalls and anti-virus software that protected old-style workplaces just won’t cut it today.
When it’s time to plan your next IT upgrade: make sure that addressing today’s cyber threats, form a core part of your strategy.
From operating system to network protocol, firewall to anti-virus, software decisions play a critical role in organisational security. But most users spend the majority of their time within an application – whether that’s a tool like a word processor or spreadsheet, or a cloud-based SAAS (Software As A Service) system such as SAS, Xero, Salesforce or Zendesk. How do you secure your software? That depends; old-style, hard-disk based software needs old-style measures like anti-virus software that’s regularly updated and regular software and OS upgrades to stay ahead of new attacks. But the vulnerabilities in a cloud based system are different: less chance of a virus, more chance of a data breach. Here’s where you need solid protocols: strong passwords; multi-factor authentication; and solid anti-hacking protection. And for your network: install a software firewall on every device that connects.
Multi-factor Authentication – or MFA – is souped-up single-user security. MFA means you need more than just a password to get access to a system; you need a second, independent credential. The simplest MFA combines a password with an SMS sent to a pre-authorised mobile phone. This can be a hassle and because SMS can be received on various computers and programs, it has holes. Far more effective and difficult to compromise is biometric identity – such as fingerprint, facial or iris identification. Biometric access is easy to use, which makes it far more likely that users will comply; and it’s also difficult to circumvent, adding another layer of complexity against cyber attacks.
We’re in a new digital era, where The Internet of Things is a reality – and that means that there are millions of devices that can potentially access your network. Your WiFi network should require the highest encryption protocol – likely WPA2. But what hardware has trusted status on your network – and how can it be hijacked? It’s time to get suspicious: understand the vulnerabilities left open by each device that can gain access to your network – from printer to server rack, from modem to router to mobile device and every desktop and laptop that’s allowed to connect. And once you know where the weakest link is: shut that door, fast.
BIOS Level Protection
Anti-virus software is only as effective as the most recent batch of signature downloads; biometric identity protects you against unauthorised access – but that’s no help when your user inadvertently downloads a malicious file. Today’s most malevolent and destructive attackers use BIOS-level code, which once opened, infects the computer’s Basic Input/Output Operating System – a critical system component which loads before the operating system and before user authentication is required. The only protection against this level of attack is BIOS-level security which detects any change to the BIOS and restores it to default before an attack can proceed.
The IT security at your workplace may be at an all-time high – but mix it up with today’s digital threats and things may get a whole lot murkier. Check out the 2018 HP Australia Security Study which found that less than half of Australian SMEs have conducted an IT risk assessment in the last year.
Join our journey and find out how we can make new ways to work less risky, more satisfying – and more secure. HP Elitebook x360 sets a new benchmark for today’s new world of work.
Thank you for subscribing to the HP Hub.
You will now receive updates on the latest articles from HP.