Two Simple Ways to Improve Internet Security

The Internet. The information emissary most businesses know and trust. By facilitating daily business tasks such as sharing and storing documents and communicating via email and video chat, the Internet has transformed business models across the globe. It’s hard to imagine a world without this information envoy.

But what happens when the Internet gets hacked? What happens to a business’s data and infrastructure when the Internet is infected with a virus?

Allow me to break down two celebrated security suggestions so that these gut-wrenching questions do not become jaw-dropping realities. I also hope to help businesses reduce security risks and to increase peace of mind.

A Web security policy
As we all know, documentation often slips under the table and is rarely an issue until something goes wrong. But again, this blog is about what we shoulddo, not what we currently do. According to Clearswift Ltd. , an email and Web security company, every business should have a documented Web security policy that informs employees about Websites that are and are not work-friendly. This includes malicious, unsecured, and provocative Websites of all kind. The policy should include examples of commonly visited Websites and, I believe, should explain why every type of Website is a friend or a foe. Providing logical and sensible reasons for Web restrictions can make an enormous impact on employer-to-employee relationships.

Also, because of the addictive nature of social networking sites, companies should explain appropriate social media behavior at, and away from, work. A study by Internet security firm Proofpoint Inc. notes that at companies with 1,000 or more employees, 17 percent have reported issues with employees using social media. This encompasses video sharing over YouTube, data leaking by means of blogging or message board posting, and commenting on sites such as Facebook and Twitter — not to mention the loss of productivity.

Furthermore, the Proofpoint study says that 43 percent of the companies surveyed have investigated “an email-based leak” within the past year.

But don’t think that drafting a security policy is going to magically eliminate security threats. Remember: It is one thing to have the policy, but quite another to enforce it.

Little knowledge of file types
One of the main reasons for crashed networks and help desk queries is an inadequate awareness about file types. Here’s a brief lesson.

Container files — files that store multiple files in them, such as a zip file — are among the most common types of files that release malware. Once a malicious zip file is unzipped and the user opens the files contained within the zip file, he or she unknowingly releases malware onto the system, potentially infecting the computer and destroying the network.

To combat these attacks (after installing the latest anti-virus software), companies should educate their employees about suspicious file types. Although we hate to send and receive mass emails, it sure beats spending time and money fixing computers, or even networks.

Also, it is good to remember that a little paranoia is acceptable when it comes to downloading files. It’s easy to get click-happy and download every file on the Web, but exhibiting a little caution could be the difference between a safe network and total chaos.