Errors in The Security Strategy That Put Corporate Information At Risk


Email, the cloud, smart devices, connections and employees are the main gateways for attacks that seek to access corporate information, currently encouraged by the increase in teleworking. 

Every November 30, the Information Security Day is celebrated, a date that seeks to raise awareness about the protection of corporate data and the measures necessary to achieve it, especially with the teleworking trend, which has increased with the pandemic. 

In this context, the main cybersecurity strategies of companies can be weighed down by five errors that stand out from the CheckPoint company in a statement, such as obviating the need to secure email. 

The company points out that "hardly any security measures are used to protect corporate email", when it is the "main vector of attack " against companies. Specifically, the Threat Intelligence Report indicates that seven out of ten malicious files arrive through email and that a third of them have the .exe extension, that is, they are executable files that, once the user clicks, the computer virus download starts on the computer. 

This context makes email security "key", since it is one of the most used ways to share corporate information. 

Another mistake happens not to protect the cloud properly. Teleworking has driven the migration to the cloud, but due to circumstances, it has been carried out quickly, without the necessary security measures. 

According to the Cloud Security Report 2020, three in four companies are concerned or very concerned about cloud security, and 68 percent point to misconfiguration as the top cybersecurity concern. Added to this is the fact that more than half of companies (52%) believe that the risk of security breaches in cloud infrastructures is greater. 

The company also highlights the use of unprotected devices and points out that implementing security measures on devices such as laptops, tablets or 'smartphones' is "fundamental" to protect a company against cyberattacks. And it can be done with security 'software' that prevent access to the information it stores as well as threat prevention. 

Corporate information is also at risk when using remote connections without virtual private networks (VPNs). With the new teleworking model, many professionals work from home through their home Internet connection, that is, relying on the basic security of their provider but without using VPN networks to access corporate information remotely. 

Therefore, from Check Point they warn of the need to use this type of security measures, since they encrypt the flow of information between the computer and the server, preventing a cybercriminal from accessing it. 

Not training employees is also a risk for companies, which often place more importance on external threats, without taking into account the errors that can occur in their own system. 

For this reason, from Check Point they understand that it is "essential" to promote the training of employees so that they are able to identify and block cyberattacks and thus be able to avoid consequences such as blocking devices or files or theft of confidential data.

Previous Post Next Post