Other issues in this category (61)
No message, no problem
Some people believe that rules are meant to be broken. Virtually every company has employees who think that information security rules should not apply to them. "If I want to open an email, I will—no matter what they say!”
Those are senior officers we are talking about. And more often than not, their computers become sources of infections that spread to other machines in the corporate infrastructure.
Here is an example of how traffic analysis enabled security specialists to recreate the chain of events that resulted in a malware attack on their company's headquarters and thus determine how intruders found their way into their network.
When the operator came in to work in the morning, the dashboard showing a large number of DGA (Domain Generation Algorithm) queries was the first thing that caught his eye.
The employee looked through the list of machines that were coming under a DNS tunnelling attack: five desktops belonging to top managers had been compromised.
Alas, a privileged user can disable or even uninstall an anti-virus on their computer, forward a malicious email to their personal device, and then transfer a malicious file to their office computer on a flash drive. When it comes to circumventing security restrictions, their ingenuity knows no limits. And people in charge also complain that anti-viruses interfere with their work.
What can a system administrator do?
Preventing an incident from happening is better than dealing with its consequences. When it comes to malicious spam, there is a solution. Dr.Web Mail Security Suite removes malware and spam from mail traffic. By doing so, it will ensure that no employee (regardless of their position) will receive bogus emails or be able to send such messages from their personal unprotected devices.
Malicious emails must not reach employees. When there is no message, there is no problem!