Securing Your Corporate Computers- The Next Threat

At AINEO, we know a lot about security because companies are relying on our engineers to keep things secure. We have given advice on how to keep individual computers save and secure. However we wanted to take a few moments to talk about the overall network.

Occasionally, I send out an email to a list of friends and a few acquaintances of various funny commercials and jokes that I receive on the personal side. About a year ago, I received and email from an ‘IT consultant’ saying, ‘I don’t share your sense of humor. Your attachments could have a threat, so I have deleted everyone one of them.’ Being a person of reason the first thing I thought how could someone know if they share someone else’s sense of humor if the humor was completely in the form of video attachments to emails? In actuality, every incoming and outgoing email at AINEO is scanned by four separate engines for all threats. The chance of getting some type of nasty attack through AINEO servers is zero.

That was a reminder that some people are a bit behind in their security. Even people who say they are supposed to experts in the field. Clearly the above mentioned consultant should have been running full security tools on his mail server. Clearly in our opinion, GFI Software has the best tools available. Every exchange server should be running GFI Mail Security and GFI Mail Essentials to protect their system. Many enterprises run Symantec on Exchange Mail servers which we highly recommend against as we have seen many problems generated by this software on a mail server.

If you are running solid tools on your mail server, spam, viruses, and phishing emails should be a thing of the past. Attacks via email are declining because people know their game. You have to keep on top of it, however email based breaches have become more difficult for the hacker. Therefore, these computer thieves have changed their tactics.

The new horrible attacks are actually coming through websites. The important thing to secure in the organization is actually port 80. Port 80 is the incoming port that brings internet access to your users. Through port 80 of your router, your organization views websites of customers, partners, and vendors. But through this same port you can get compromised sites loaded with keylogging software (self-installing software that logs all your key strokes) trying to pick up important passwords or any other financial information. These sites are not just clearly compromised shady sites on the net.

Samsung USA was famous for having their hacked by someone. When a visitor would view their site, the compromised site would try to install software onto the web vistor’s PC. Samsung was notified, but very slow to remove the threat from their corporate site.

So how do you secure port 80 of your network, PCs and people from the threats? The first step is have good virus protection on your workstations (PCs). AINEO does actually recommend Symantec on the desktop side. We have found McAfee and Trend Micro behind the times.

Leave a Reply

Your email address will not be published. Required fields are marked *