Show cyber threats who is boss in 2018.

Wednesday, January 24th, 2018

Last year went by so fast. In between everyone’s normal busy schedule, most of us had to deal with natural disasters of some kind. For us at Wavecrest, it was Hurricane Irma as well as an above average rainy season. For others, it was Harvey and Maria, as well as fires, flooding,  earthquakes, remnants of storms causing wind damage–the list last year seems to be endless.

2017 also brought on some notable cyber events with the Equifax breach as one of the top incidents. 2017 was definitely a year for the books. You may have also noticed a shift in the business digital threat protection messaging. We at Wavecrest noticed . . . because it shifted to what we have always focused on. People.

People are a big part of the cyber threats that take place in businesses. No matter how automated things are, there is always the aspect of human interaction–human vulnerability. Humans inherently have vulnerabilities. It’s not a fault of one individual over another; it’s not about how good your employees are. There is a point where a business owner, manager, or decision-maker has to come to terms with managing Web use for the sake of the business over “my employees wouldn’t do that” or “I trust everyone working for me.” It may be true that you have the most trustworthy employees, but mistakes happen . . . even to the best of us. Cyber criminals focus on the easiest route first to gain access to your systems. Many times this is the employee, or human, vulnerability.

So . . . the new year is here. What can be done to improve managing employee Web use? The key is to make sure you pay attention to the human endpoint because it is not always about a failure in the actual technology. The firewall is great but if you have a weakness with an authorized user, the hacker will get past the firewall. Defend the human endpoint.

Consider these as a starting point and build on each or all!

  • MONITOR YOUR EMPLOYEES’ WEB USE! Sorry. It had to be said. If you do not know what is happening, you will not be able to know why, when, or where it happened. And you will not be able to make an informed decision on how to stop it from happening again. Remember that many times the human error that allowed for a breach may have been habitual or reactive so the employee’s memory of how it happened may not be very clear. Make sure to have visibility into the actual Web activity.
  • Analytics. Really another part of monitoring but noted separately due its importance and the flexibility of what you should be able to view and analyze. Find a Web activity solution that allows you to see relevant, drill-down data when you need it. Trends, customizable charts, by user or group, and real-time information on activity and bandwidth use are all things you should be able to analyze easily. All will allow you to expose abnormalities in user activity, identify potential insider threat behavior, flag possible legal liability issues, assess trends for data breach exposure, and observe patterns for lost productivity.
    • Hits versus Visits. This one deserves a sub-bullet. Make sure the Web-use management solution you choose has clearly defined Hits vs. Visits. Hits consist of unsolicited traffic, such as ads, and are not a reliable tracking metric on its own. Visits give you uncluttered, relevant Web activity detail based on user clicks and are a critical component to understanding human behavior. The last thing you want to do is try and sift through a bunch of data that is not even really relevant to the employee’s actual Web activity.

  • Filter. Yup . . . another suggestion that has the “but my employees are awesome” stigma to it. BUT let me just remind you that this is something that will provide another layer of security from phishing, malicious Web links, and data loss. I got your synapses firing now, don’t I! Filtering allows you to block or restrict URL link clicks that an employee may not be aware are malicious. Hackers have become increasingly precise in how things look. Very convincing e-mails and Web links are not rare anymore; they are commonplace. It is not really all about making sure your employee isn’t streaming YouTube all day. Although that should be managed as well, it should all be under your control. Allow it, don’t allow it, throttle it, or open it all up. The solution you choose should allow you to do it all, in your own customizable way.

The point is that the human endpoint is still a leading way threats get into your network. It may be through phishing, a malicious ad, or use of a unsanctioned cloud application, or it may even be a human error such as the delay of updating software. Whatever the issue, you have to be as proactive as possible to protect your network. Educate your employees continuously, have a comprehensive Web activity solution in place, make sure your Acceptable Use Policy is current, make sure patch management is an active process, and hug your IT people regularly because they are usually some of the busiest and stressed people in your organization.

Here is to showing the cyber criminals who is boss in 2018! Happy New Year!

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Take the mystery out of employee Web use and gain pertinent insight into your business.

Wednesday, January 17th, 2018

 

We are all seeing how business operations are continuously becoming more digitally driven. Many operations that were done on a desktop are now cloud- or app-driven. The connection to the Internet is a constant, and since your employees need that access to be productive, managing that connection should be a priority. Small businesses are finding that this access not only centralizes their operations and data but also can save them money. But they are finding that the amount of data being produced makes it impossible to find the relevant information needed. Looking at the employee-Internet relationship should be on the top of your checklist.

There are things that a Web-use management solution should provide, such as allowing a business to easily filter and control access, use white and black lists, and set time limits. But one of the biggest benefits that many times can be overlooked is the ability to access easy-to-use smart analytics and reporting tools. A filtering solution is great, but if it lacks a way to collect and correlate useful, pertinent data, then all that it is doing is restricting employees, causing frustration and potentially reducing productivity. With detailed reporting and analytics, managers can open up the usefulness of the Internet while knowing they still have the control to keep the business running smoothly and safely.

Look for the Web-use management solution that provides:

  • Drill-Down, Interactive, Forensic-Level Detail – A complete view of every link a user clicks, the exact search terms entered by a user, their search time, and more.
  • Ad Hoc and Scheduled Reporting – The information you need . . .  right when you need it.
  • Smart Reporting – Intelligent, timely, and cogent reporting on all aspects of employee Web usage.
  • Hits Versus Visits – Clear, uncluttered detail based on user clicks versus unsolicited traffic.
  • Manager Access – IT-controlled access for managers and HR allowing them reporting access without the need for IT assistance.

Analytics and reporting tools allow you to take the large amount of Web-use data your employees are producing and make sense of it. This data should tell you who, where, and when about the Web usage. Allowing you to see anomalies, activity peaks, bandwidth usage, and more, this visibility helps you plan and secure your network, data, and employees.

Don’t feel like you’re in need of tarot cards or tea leaves to know what is happening within your business.

About CyBlock

CyBlock Web-Use Management Suite makes more sense of all your Web-use data with CyBlock’s comprehensive monitoring and reporting features. CyBlock is available in Cloud, Software, Appliance, Mini Appliance, and VM deployments to fit any business size or industry.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.