What are some of the worst enterprise security habits?

Enterprise security is a habit! Good habits take years to form – bad habits, on the other hand, take only seconds, and can bring years of hard work taken down in minutes. The same rule applies to enterprise security also.

It’s just easier to put an easy password (or worse, no password) on an important function and leave it open to danger – or turn off the auto-updater of your security solution, consequently leading to disaster and danger.

Hence, here are ten of the worst enterprise security habits which organizations should get rid off immediately –

1. Access to everything – Strangely, a lot of organizations, especially the legacy ones allow everyone, access to everything. The net result of this critical oversight transforms enterprise security to be seriously low ensuring that the organization is just one small slip up away from a major disaster.
2. No security policy – Most companies have policies for everything – HR policies, leave policies, dress policies, time policies, so it’s amusing that they don’t have something as intrinsic as a cyber security policy. Enterprises must keep a strong, updated cyber security policy with clear dos-and-don’ts about what measures need to be taken.
3. Software update – The grim realization when the WannaCry ransomware attack hit the world and caused mayhem was that it could have easily been avoided. It exploited a security hole in Windows XP. Yes, that’s right – Windows XP, an operating system which is now almost two decades old and which Microsoft itself stopped supporting in 2014. In fact, it was found that 7% of PCs all across the world still use this outdated operating system. This example sums up the extreme danger of not updating the software a business uses.
4. Underestimating social engineering – Many enterprises can slip into the notion that cyber security is purely a technological problem and putting in place, a strong cyber security solution can solve all problems. But that is not the case – social engineering is as big an issue as cyber security, nowadays. The only way to solve this is to ensure that employees are as well- versed in cyber security issues as experts.
5. Forgetting to patch software – It’s fine to keep a strong cyber security focus but enterprises can call on great harm if they don’t patch their software. Even the most secure software can become outdated extremely fast and may be at risk of attack. Enterprises must be proactive in patching software at regular, timely intervals.
6. Believing we won’t be attacked – SMBs and SOHOs usually perceive that they won’t be prone to cyber-attacks as hackers will be typically interested in attacking larger corporations. But the truth is, smaller enterprises are at high risk of attacks as cyber criminals know about smaller businesses having weaker defenses, compared to relatively high-profile organizations.
7. Not having a security response plan – This ties into the above point but is applicable for organizations at all scales. Complacency can often creep into enterprises which means that they believe that they are immune to cyber-attacks. This means they won’t even have a security response plan which can be catastrophic at the worst possible time – when an attack hits.
8. Not having cyber security drills – It’s okay to have a security response plan but is it updated? Has it practically ever been used? Mock drills can help showcase an enterprise’s preparedness to cyber-attacks, while lack of these drills means that there might be chaos.
9. Not investing in the right people – Cyber security hiring is increasingly becoming a specialized trend now, one which enterprises must wake up to. It’s important to have good skilled personnel to deal with the cyber security function and ensure that they keep on getting new certifications so they stay updated.
10. No backup – Backup is integral in cyber security. Enterprises sometimes neglect backup which puts them in a precarious situation, whenever there is a cyber security attack. Don’t wait for that time – invest in good backup solutions and ensure that valuable data is backed up to prevent loss.

By getting rid of the above enterprise security habits and investing in a strong, secure cyber security solution (like Seqrite’s range of solutions), enterprises can go a long way in ensuring that their network security parameters are safe and secure.