Tell me more

Welcome!

Connectivity is a basic requirement for today's business. The ability to communicate internally and externally, to access essential business information, and to use work and personal devices are all key to the way we work, day-to-day. Join the individuals in this site to see how company connectivity could be disrupted as they go about their days. Then follow the link at the end to find out how you can protect your connectivity, keeping your business 'always on'.

Enter here

Home: kitchen, breakfast

7:30am: Sally uses her tablet over breakfast to handle emails that have come in overnight,

and check her schedule for the day, before leaving for the office.

Domestic Wi-Fi
User Errors
Personal Devices

Corporate Office

11am: John uses various local and cloud services in the office to progress customer projects,

arrange meetings with colleagues and circulate information to his team.

Corporate Email
Sabotage Of Systems
Company Wi-Fi
Password Protection
Software

Customer Site

2pm: Amy and Steve make a sales call at a customer's offices, presenting material

from the cloud and accessing the company network for calendar functionality.

Malware
User Errors

Coffee Shop

4pm: Joshua stops off at a coffee shop on his way back from a customer's site,

using his tablet to file his maintenance report on a company server.

Loss Of Device
Public Wi-Fi
Confidential

Home, in the evening

8pm: Richard uses his laptop from home to pull together company resources

and materials from the web for a briefing tomorrow morning.

Web Browsing
App Download

Find out how to protect your connectivity

Learn how Intel Security simplifies security management and protects connectivity, helping you keep your business going. Download our Business Brief to see what you can do to stay connected: just complete the form and click the button and we'll bring you up to speed.

Insecure use of domestic Wi-Fi:

  • Domestic Wi-Fi, not under the control of company IT, may be set up with inadequate security.
  • Users may not be aware of the measures they should take to protect sensitive information when connected to the Internet via their domestic Wi-Fi.
  • Of particular concern is the use of domestic Wi-Fi to connect, via the Internet, to company systems, with the possible exposure of sensitive information or company network access credentials.

User errors:

  • Without effective training in safe and secure operation of company systems and personal devices, users may unwittingly use shared, weak or duplicated passwords. They may fall foul of phishing and other social engineering attacks, divulging sensitive information or company systems access credentials. Users may also use open cloud storage for sensitive company data.
  • If a personal device with access to company systems or with company information stored on it is lost or stolen, company security can be breached, especially if the device is not effectively secured.
  • Use of unverified peripherals (such as USB sticks and MP3 players) with company systems, or with other devices that are subsequently used with company systems, can also lead to the introduction of malware.

Installation of insecure or malicious software on personal devices:

  • Users may have configured their devices to accept software from unauthorised app stores, risking the installation of malicious or compromised programs.
  • Surfing the web, users may unwittingly allow malicious code to be installed on their devices.
  • Such code may compromise company security and connectivity, when the device connects to the company network over the Internet, or when the device is later connected to company systems directly via USB cable or Bluetooth.

Corporate email:

  • Many malware and phishing attacks arrive via email. Today they are often highly tailored, with content specifically designed to appeal to a specific recipient. Users with limited security awareness may fall foul of such approaches, allowing company security to be penetrated and connectivity to be compromised.
  • Inadequate, ineffectively enforced or missing processes for the handling of incoming email further compound the risk, as do missing, ineffective or out of date antispam or antivirus solutions.
  • Users may also, either deliberately or through lack of awareness, share confidential data, intellectual property, customer data or other sensitive information via email.

Loss, corruption or theft of data; deliberate sabotage of systems:

  • Compared with the general public, employees have unique and often far-reaching access privileges on company systems. A small number of employees may be intent on revenge for a perceived wrong, or simply on opportunistic gain. They may use their access privileges to steal or corrupt key information, publicise access credentials, or deliberately sabotage company systems.
  • Strong, effectively enforced control over employee access privileges and procedures for the rescinding of access privileges on termination of employment help to minimise such risks.

Unauthorised access via company Wi-Fi:

  • Poor Wi-Fi configuration
  • Insecurely configured Wi-Fi can provide an easy way for intruders to silently access the company network, as can allowing guests to access the network over general company Wi-Fi.

Installation of unauthorised software on company systems:

  • Where processes for control over software installed on company systems are inadequate, weakly enforced or absent, users may install unauthorised, potentially damaging software.
  • Similarly, improperly configured systems may present an 'open door' to attackers seeking to access company systems, whether remotely or in person.

Poor password protection:

  • Without effective training in password usage, users may use weak or duplicated passwords, share their passwords or record them on paper or in documents, or may simply leave default passwords unchanged when accessing new services.
  • Passwords are a key layer of security: it's essential that users understand how to use them to maximum effect.

Software not up to date:

  • Virtually all devices on today's networks run software of some type, from simple firmware packages through to full operating systems and applications. It is essential that all software on every device is patched and updated to ensure that security holes and other bugs are remedied as they are discovered. Unpatched software presents a constant risk of connectivity disruption.
  • Strong, effectively enforced processes should be put in place to ensure that all software on all devices is kept up to date, end of life software is replaced, and failed patch installations are correctly handled. Where end of life software must be used an appropriately configured whitelisting application control solution should be used.

Malware arriving via BYOD:

  • Users focused on the task at hand may unwittingly introduce malware into company systems via any of a variety of devices and mass storage peripherals not owned or controlled by the company – memory sticks and cards, MP3 players, smartphones and tablets are just a few examples.
  • Effectively secured endpoints, robust controls over use of third party owned devices, and training to make users aware of the risks and how to minimise them are all essential.

User errors:

  • Users unaware of how to use systems in a safe and secure way may reveal passwords, store or share sensitive information (including emails) on public cloud storage, use unverified peripherals with company systems, or fall foul of phishing and other socially engineered attacks.
  • Devices such as laptops, tablets and smartphones (whether company or personally owned) can easily be accidentally left behind after an off-site meeting, or even stolen. In such situations, information stored on them, and even access to the company network may be compromised, especially if they have not been secured with unique, strong passwords and encryption.

Theft or loss of device:

  • Portable devices are by their nature easy to leave lying around. Some (consider an SD card) are so small they could be lost under the edge of a saucer. When devices with sensitive information stored on them, or with access to company systems, are lost or stolen, they put company connectivity or assets at risk. Such risks are compounded when devices are not securely password protected or encrypted.

Unsafe use of public Wi-Fi:

  • Users may unwittingly, or even, when under pressure, knowingly, make unsafe use of public Wi-Fi networks in locations such as coffee shops, hotels, airports and stations. Doing so opens the connected device up to a range of possible attacks which could cause the device, sensitive information or access credentials to be compromised.
  • Strong central control over every endpoint (PC, Mac or mobile) and comprehensive user education in safe and secure use of systems will minimise such risks.

Confidential information overseen or overheard

  • Focused on their work, users may allow confidential information to be seen on documents or device screens, or overheard in face to face, telephone or Internet messaging conversations. Users can also be tricked into giving up sensitive information such as company network access credentials, in social engineering attacks.

Web Browsing

  • With out-of-date, missing or incorrectly configured antivirus software users may unknowingly pick up malware from websites as they surf, for business or non-business purposes. Such malware may subsequently (or immediately, if the device is connected to the company network) compromise business connectivity.
  • Users may also elect to disable or circumvent security when presented with a sufficiently attractive offer: many phishing and social engineering attacks rely on this tendency.
  • Educating users in online risks and how to avoid them, and putting in place strong, effectively enforced processes for antivirus updates will help to reduce such risks.

App download:

  • Installing apps from sources other than authorised app stores increases the risk of spyware and malware infection, putting company connectivity at risk.
  • Users often agree to app terms and licences without reading and understanding them, which can result in undesired data sharing.
  • Ensuring all devices are protected with up to date antivirus software, configuring them to only accept apps from authorised app stores and educating users in safe and secure use of portable devices will help to reduce such risks.