Anyone returning to their company's office from the home office should exercise particular caution and check emails carefully, for example. Because attacks by cyber criminals increasingly rely on context-specific phishing attacks.
A seemingly harmless welcome email from a superior containing documents on updated rules of conduct and requiring the entry of a password has already turned out to be an attack in several cases. The access data is tapped in this way, and in the worst case, the criminals have the complete company data openly at their disposal. The resulting damage can be immense.
IT security: qualified employees are the best protection
It is therefore extremely important to be able to rely on well-trained employees who recognise these dangers and act accordingly - for their own protection and that of the entire company.
Together with our partner G DATA, we offer customised awareness training as well as phishing tests that show you exactly in which sensitive areas your business data is particularly vulnerable. In this way, training measures can be coordinated in a targeted manner and used effectively.
With the help of an e-learning platform, you can raise your colleagues' awareness and show them how to act securely at the same time: The various learning units can be prioritised individually according to the level of knowledge and played out to your employees in a targeted manner. The trainings combine descriptive tips, videos and multiple-choice questions on points that everyone in the office is confronted with almost every day: Can I click on the link? Can I open the document? Can I trust the person/website? The entertaining lessons are easy to integrate into daily work.
As part of the phishing tests, employees receive fake, but deceptively real-looking emails from a sender of a well-known company such as XING, Amazon, Outlook and similar.
A total of 15 different campaigns can be selected here to suit individual needs.
The aim of the e-mails is often to build up pressure on the employee and thus entice him or her to take an action in which, for example, he or she releases sensitive data such as access data or starts a download. It is precisely scenarios like these, which demand quick action by the employee and thus put him or her in a stressful situation, that hackers and cyber criminals trickily exploit time and again to gain access to your business data.
The test results of a planned phishing e-mail campaign show you in detail the success rate of the individual phishing attempts and display in categories which action the employee has carried out (open website, open e-mail, disclose sensitive data, open attachments, etc.). From this, you can then create targeted guidelines for dealing with e-mails and also derive training measures that can be carried out individually to protect your data.
High security thanks to ZFA
At the same time, you can secure access to your data with two-factor authentication. To secure logon processes and protect access to company resources, another factor can be added to this process in addition to the user name and password. This factor can be, for example, a code that you receive via SMS or an app on your smartphone.
Even if the personal password has been spied out by a third party, access is not possible without the mobile device or a token. As a concept, 2FA/MFA has proven itself and significantly improved the security of numerous accounts. So don't hesitate and let us check whether your company data is optimally protected.
Do you have questions and need more information? Our experts are at your disposal, contact them now.
TSO-DATA
Marvin Hitzfeld
it-infrastruktur[at]tso[dot]de
+49 (541) 1395-94
