Ivanti Insiders Weigh-In on Cybersecurity Best Practices
The name of the game right now is cybersecurity, and phishing attempts, malware threats, and hacking tragedies are par for the course more often than we’d like to admit. In fact, according to a recent Forbes study, cyberattacks will cause an estimated $6 trillion in damages worldwide by 2021—that’s more than a year’s worth of damage caused by the globe’s natural disasters or more than the global trade of all illegal drugs.
Cyberattacks are real, and for the foreseeable future, they’re not going anywhere. So what can you and your org do to manage cybersecurity risks?
We’ve asked our Ivanti Insiders, the crème de la crème of IT professionals, just how they’re managing their own organization’s cybersecurity concerns. Their responses are insightful. Heck, even we could learn a thing or two. Grab yourself a steaming cup of something and let’s get stuck in.
What do you wish your users knew about cybersecurity?
“Understand how serious the threats are.” – Ivanti Insider
“We put tough policies in place to try and protect everyone, because we're only as secure as our weakest link. The weakest link tends to be the human component, and hackers are good at making something look legitimate to exploit that component.” – Kelly Ruston, Technical Support Specialist, William Osler Health System
“Random companies won’t send you software to install via email.” – Ivanti Insider
“It is imperative to stay vigilant on the lookout for phishing scams and other malicious threats that they are exposed to.” – Katelyn Eubanks, Info. Security Administrator, City of Sioux Falls
“As IT professionals, I believe we have a duty to provide practical, effective steps non-IT users can use to mitigate cybersecurity risks.” – Ivanti Insider
“It is not the sensationalized portrayals in the movies, with power grids crashing and anarchy taking over the world. Cyber security is the protection of our systems so we can do our day-to-day jobs.” – David Jimenez, Operations Engineer, Emerson Electric Co.
“1. Never open things you don't expect.
2. Check URLS before clicking on them.
3. Do not use unknown USB sticks.
4. Don't be a stubborn user.
5. Don't install your own software.
6. Don't even think about trying to use torrent and downloads on our network or company laptop.” – Ivanti Insider
“No General in Africa is trying to send you 2 million dollars.” – Ivanti Insider
What tips do you have for users looking to be more secure?
“Lock your devices up. Make backups. Stay on top of your accounts.” – Ivanti Insider
“Be vigilant and be up-to-date. Verify you're typing in the correct web address. Before you click anything in an email, verify the sender is who you think it is and the link/attachment is something they themselves sent. Verify that your antivirus products are up-to-date (and that you have one installed!) and scanning, and that your PC is staying up-to-date with patches. Most issues can be avoided by being careful to always visit legitimate sites, ensuring you aren't opening attachments from unknown individuals, by keeping your PC patched, and your antivirus up-to-date and performing regular scans.” – Kelly Ruston, Technical Support Specialist, William Osler Health System
“When you are going to click a link on a webpage or an email, hover over the link first and check the bottom left of your browser to see if it will take you to the page you are expecting.” – Adam Howard, Systems Administrator, Rack Room Shoes
“Consider using a fake or one-time-use email address for non-important signups.” – Ivanti Insider
“Make sure you pay attention to the required cyber security training. We are all targets now!” – Ivanti Insider
“Don't trust anyone. Use common sense. Longer passwords are better than ‘use 4 categories’ passwords.” – David Jimenez, Operations Engineer, Emerson Electric Co.
“Audit: Review everything that you install on your computer and only install from trusted sources. NEVER discuss private matters (username / password / personal information) with anyone that you do not fully trust. (Again, even personal information can be dangerous, like when Paris Hilton's email was ‘hacked’ because she used her dog as a ‘security response’ and then made public the name of the dog because it was lost.)” – Daniel Cogny, Systems Developer, OPS
What is your biggest cybersecurity concern right now?
“Data theft.” – Deshon Pile, Jr. Team Lead, SCI
“Ransomware.” -- Katelyn Eubanks, Info. Security Administrator, City of Sioux Falls
“Not knowing what users click.” Thomas Smith, Director Telecom and IT Support, SCI
“GDPR.” -- Viviana Radosta, Inside Sales, Ready Informatica Srl
“Phishing.” – Josh Castleberry, Cyber Security Administrator, MDU Resources Group Inc.
“Limiting personal data owned by third-party companies. No company can guarantee perfect security, so I try to limit the amount of information given to any third party. As the recent disclosure of a major credit reporting company illustrates, disclosures happen, and when they do companies who've been hacked are not required to compensate you for the attack.” – Ivanti Insider
“Privacy. There are many services that are hard to avoid these days (i.e. as an immigrant, I use Facebook despite hating it, to keep in touch with people ‘back home’), and most corporations are pushing hard to learn (and use) everything from you. Lately I am focusing on looking for Open Source (or at least privacy aware) alternatives to my ‘day-to-day’ software. – Daniel Cogny, Systems Developer, OPS
“The lack of knowledge of our users. The worst thing is, we can tell a user 30 times how they can keep their computer safe and they agree with us. And then suddenly it is again ‘OOPSIE!’ I got a virus or malware.” – Ivanti Insider