Clicky Web Analytics

Security 101: Securing the Malware Ingress Points in SMBs
Author: Michael Osterman on September 17, 2014 - 11:03 PM
Michael Osterman   Messaging Wire

Our research, as well as that of many other firms, has revealed that malware infiltration has impacted most organizations and that the problem is getting worse over time, particularly for small and mid-sized businesses (SMBs). While it is essential that every potential ingress point for malware be monitored, many organizations have holes in their defenses that could allow malware to enter the corporate network. Here are a few areas to address, although the list is by no means exhaustive:

•    Personal Webmail
Many users employ personal Webmail when they need to send files that exceed the mailbox-size quotas that IT has established for the corporate email system, or when the corporate system goes down. While both are valid reasons for using a personal alternative to continue sending emails, doing so bypasses corporate scanning defenses and can allow malware to sneak onto employees’ computers, such as in a phishing email.

•    Non-business-grade file sync and share
Tools like Dropbox are widely used by employees so that all of their relevant content can be available from every device they use. These tools are incredibly useful for traveling employees, those who work from home, and those who want their files handy from a mobile device when they’re away from a desktop computer. However, they can also provide an entry point for malware. For example, if an employee’s home computer is used to work on a Word or Excel file, gets infected and then is synced via Dropbox to the employee’s work computer, malware can enter the corporate network without ever having been scanned for malicious content.
 
messaging wire engineers discussing messaging wire
Reader's Comments
Messaging Wire Columns



messaging wire