Firewalls, email filters, antivirus software and other security measures are great for protecting your network environment from outside threats, but your greatest cyber threat could be within your organization ... and has network access.
Firewalls and antivirus are great, but not enough
During a conversation the other day with a business owner here in Oklahoma City, I was talking about network security and mentioned how at R.K. Black, we daily receive hundreds of emails bearing viruses and other forms of malware, many of them sent to our associates inboxes and others sent to group email addresses handling various aspects of our business.
I remarked how the head of our internal IT department, John Sanders, was able to thwart them due to a combination of email filters and so on, but more how through the extensive training of our associates on how to recognize the threats and to avoid them were we able to foil these phishing attempts.
“But don’t firewalls and antivirus protect your network?” the gentleman asked, voicing a misconception held by many business owners.
“Yes, they do, but only to an extent.”
I then explained to him that firewalls are to networks as walls were to ancient cities. They are great for keeping the enemy out, but only until someone inside the wall opens the gates and allows the enemy to enter.
City walls and firewalls are only as good as those they protect
If you remember the story of Troy, for 10 years the Greeks had laid siege to a large walled city (Troy) on the western coast of Turkey, near the Dardanelles Strait. They were only able to conquer and destroy the city by fooling the Trojans into opening the city gates, bringing in a force of Greek soldiers concealed in a large wooden horse, who then once inside the city gates and under the cover of night crept out of the horse, opened the city gates from the inside, and well … the rest is literally history.
See? The walls worked great for 10 years, but were entirely useless once someone inside their protection let the enemy inside. Likewise, firewalls are only as good as the users of the network they protect.
Network end-user education is key
That’s why it’s essential for companies with networks, that along with their other network security measures, no matter their size, to educate their end users on how to recognize malicious emails, attached files and bad links.
That way they will know what a Trojan horse looks like, and will not open your city gates to only bring on network downtime or, worse, destruction.
So how does one go about doing this? As a company, we use a service which offers courses, training and even a certificate awarded upon training completion and weekly emails updating subscribers on recent threats.
In fact, with that service, once you do put your staff through training, you can do like John does with our associates and send out company-wide emails with telltale signs of being malicious but with titles like “Confirm your Netflix account info before your membership revoked” and see who falls for it.
Once these individuals are identified, you then know who needs further training.
A safe network enviroment is multifaceted — but don't forget the face
All of this said, a firewall and network user training alone are not going to make a network secure. A truly secure network utilizes not only an edge firewall and cyber threat identification and avoidance education, but layered security (think firewalls within firewalls, like the keep inside a castle), antivirus programs (think soldiers and guards on the ramparts), proper security settings and permissions for end-users and so on.
You must have in place a network back-up disaster recovery system — basically, if the people of Troy had a time machine and after seeing their city come to ruin had a magical time machine and could rewind to just before they pulled the horse into the gates, that’s what BDR can be for your network.
All of these elements work together to create a secure environment — and, shameless plug here, all of these our managed IT services team can help you implement for your business and your network environment. Let us know if you want help.
But back to the main point of this article, educate your network users. Doing so will transform your associates from being potential weaknesses and liabilities in your network to being strong security assets, guards and infantry, if you will, ready to identify and ward off an attack.
More Related Reading:
About R.K. Black, Inc.
R.K. Black, Inc. is an Oklahoma City-based, family-owned leading provider of office technology solutions to small and medium-sized businesses in Oklahoma and Kansas. We specialize in everything business technology from copier, fax, printer and scanner technology to document management, onsite paper shredding services, VoIP phone systems and managed IT support to video surveillance solutions.
If you want to learn more about us, feel free to explore the website, read our other blogs or click the button below to be contacted by one of our reps and tell you! Also, be sure to keep watching our social media channels on Facebook and Twitter for more business tips from our blog.