While hackers are getting smarter and stealthier with their attacks, humans are still capable of putting up a good defense. You may not know this, but a lot of malware attacks are successful because of their ability to trick people into giving them access to their computers. This quick guide will give you a few simple guidelines that make a huge difference in the war against malware.
1. Be cautious of emails
Most attacks are successful by tricking users with credible-looking emails. Keep the following things in mind when working with emails:
- Legitimate businesses will never ask for account information via email.
- Never include full sets of any personal or account information in any one communication. Use no more than 25% of the numbers or characters needed to identify or be given access. (e.g. Last 4 digits of account number).
- Check the sender’s email address. Hackers will use business names that are a letter or two off (e.g. @gooogle.com, @bankofameria.com).
- If you suspect the email is a scam, delete the email, or call the person who you suspect sent. Do not engage/reply via email as it may confirm to the hacker that your account is legitimate.
- If you feel something is suspicious, it probably means it is. You can always send an email to Cervisys and ask us to review it for you.
2. Activate OpenDNS on your network
Domain Name System (DNS) is an important part of the internet. It translates our easy-to-remember “word URLs” into a complex IP address. For example, DNS converts “facebook.com” to an IP address (#.#.#.#) in order to load the website. Most malware and phishing scams use servers associated to a domain name. When we click on links that might harm your workstation or data, DNS blindly assists with that process.
OpenDNS makes your DNS-lookups smarter by blocking any requests that point to a known bad server. This service processes millions of DNS requests a month and uses that data to maintain a database of malware sources. OpenDNS, free for our SiteManager clients, can be activated on your network and will block any malware requests your employees accidentally trigger. Not sure if you are using OpenDNS? Ask us!
3. CervisAgent installed on all network workstations
Our CervisAgent allows us to monitor your workstations. We can push out Windows updates, software patches, and other helpful commands that keep them updated and protected. This also installs our included anti-virus software (Windows workstations). Lastly, we use this tool to remote into that workstation for any remote desktop support sessions.
You can verify your workstation has the CervisAgent installed by checking your taskbar for “the orange A” icon. If you do not see one, email support@cervisys.com and we will work with you to get it installed.
4. Create a guest Wi-Fi network
While your workstations and servers are protected by our tools and software, your visitor’s laptops or mobile devices are not under our management. If an infected device connects to your main Wi-Fi network, you could be opening the door to a malware infection. We recommend you set up a Guest Wi-Fi network that is separate from your main Wi-Fi network. The Guest Wi-Fi network has no access or visibility to any of your network resources but will allow your guests to access the internet. If you need a Guest Wi-Fi network set up, we are here to help.
5. Activate advanced firewall security services
Having a firewall is a great step toward securing your network. A firewall is the gateway that separates your business network from the rest of the world. All of your internet activity processes through your firewall which is why we recommend you activate smart services that scan all incoming and outgoing traffic.
There are several advanced firewall services that can detect viruses, malware, intrusions, and bad requests. Specifically, APT Blocker services can detect zero-day malware. This powerful service can stop an attack right at the door before it gets a chance to see anything inside. Most advanced firewall services require an additional purchase. Email support@cervisy.com to check if your firewall has any of these advanced security services activated or not.