The holidays are here,
Bringing joy and cheer.
And our gift to you,
Are some cyber security holiday tips – quite a few!
‘Tis the season for celebration,
Not cyber security frustration.
Follow our advice,
And secure everything, from system to device.
The holiday express to training your employees
During this season of giving, many employees will receive new tech gadgets. We love cool new technology as much as the next start-up, but that doesn’t mean we necessarily want to use them in the workplace. If you’re like us and prohibit foreign devices per company policy, you need to make sure that your employees comply. A good place to start is with some training days to ensure staff understand the potential risks associated with unapproved BYODs. By educating your loyal workers, you can reduce the likelihood of shadow IT being introduced to the network, minimizing your cyber security risks.
Peppermint mocha or risky mint
Offices without coffee is like Santa without Rudolph. And with nearly every kitchen appliance becoming high tech, most companies treat their staff to “smart” coffee machines that come with all the fancy options – there’s nothing quite like pressing a button on your phone and finding your steaming hot coffee waiting for you when arrive at work. That being said, now even coffee machines pose a cyber security threat. All IoT devices, no matter what they are, have associated risks, even if it’s your little in-house barista. Therefore, it is vital to have visibility of all IoT assets to assess and manage their risks.
Risks come on vacation, too
One of our earlier tips warned about shadow IT and unapproved devices, but some companies do permit the use of approved BYODs. But, when taking your laptop on vacation for the holidays, make sure to not leave it unattended; risks are global. A lost or stolen laptop can have serious repercussions on the organization as the device likely either contains or has access to sensitive information. When you’re not using it, keep it locked in a secure location, like a hotel room safe, and avoid taking it around with you.
Supply chains, bells and whistles are jingling
As previously mentioned, the holiday season is when many people receive new tech devices; the same goes for businesses that want to upgrade their asset inventory for the new year. But when doing so, it’s important to purchase from reputable vendors as they tend to have stronger security controls due to regulatory requirements. While this doesn’t guarantee zero risks, it sure does reduce the chances of a cyber security breach. Moreover, make sure you have the necessary visibility to verify the integrity of the devices you ordered. Just because it claims to have been manufactured by a certain vendor, that doesn’t mean it has – counterfeits are more common than you think.
Gift yourself a data back-up
Backing up your data is essential to protecting your information and preserving your digital history. Technology is not always reliable; systems and devices can crash, and in a worst-case scenario your data may be irretrievable. Ransomware, too, can prevent access to important data and even permanently delete files. Maintaining back-ups in an alternative, secure location means you’re prepared for any scenario, giving you the confidence that you can always access and use your data. With peace of mind, you can enjoy the holidays without worrying about data going missing or becoming unavailable.
Catching a sleigh ride? Make sure to avoid airport juice jacking
Planning on catching a ride in Santa’s sleigh to your vacation destination? Then make sure you’re not using any of the charging ports at the airport while waiting for the boarding call. Otherwise, you might become a victim of juice jacking. This is a method of attack whereby hackers manipulate public charging ports to gain access to the devices that connect to them. The perpetrators can obtain data, inject malicious code, or carry out other nefarious activity. For this reason, it is best to avoid using public charging stations, especially when travelling with company devices. Otherwise, you might find yourself in quite the pickle once you return from your vacation, only to find out there has been a cyber security breach that could have easily been avoided.
Secret Santa gadgets may pose a risk
A USB mug warmer sounds like a practical secret Santa gift that can be used on those cold winter days to keep your morning coffee warm. However, you should also be aware that even this inconspicuous mug warmer could potentially be a threat to your place of work. Whether a well-disguised attack tool, or simply manufactured by a sketchy vendor, the mug warmer can pose a cyber security risk. It is important that employees do not use foreign assets, not matter how benign they may seem.
Cyber threats don’t stop for the holidays
One of the most important cyber security holiday tips that can be taken away from this blog is to remember that there is no break when it comes to cyber security. Even if you are using reputable vendors and implementing precautions left and right, there will always be new vulnerabilities to patch.
From researchers and pen testers to bounty hunters and the vendors themselves, individuals are always looking for and announcing new vulnerabilities and entry points. Therefore, it is crucial for enterprises to keep up to date with these revelations and avoid buying those known-to-be-vulnerable devices.
Stay cybersafe this holiday season
In conclusion, the holiday season is the perfect opportunity to review your company’s cyber security practices and ensure that you take all the necessary precautions to secure your assets. From training employees to using reputable vendors and monitoring new and older devices, these eight cyber security holiday tips will help you build a secure environment and minimize your security risks this holiday season.
