Today's enterprises face increasing cybersecurity threats from a variety of sources such as cybercriminals, terrorists, and insiders. Users need to be aware of security guidelines to protect confidential information and systems. Some key recommendations include using secure protocols, protecting physical access to systems, scanning files before downloading, enabling multifactor authentication, keeping systems patched and passwords strong. Social engineering is a major threat, so users should be cautious of phishing attempts, not leave sensitive information unattended, and verify requests for personal information.
End user security awareness
1. END USER SECURITY AWARENESS
Today’s enterprise is more vulnerable than before. The traditional boundaries of
the organization are changing with advanced technologies, but cyber-attacks are also becoming more
frequent. So users need to be aware of the security guidelines to keep information safe.
Cyber Security - All the processes and practices we implement to protect networks,
systems, applications and data from attacks on the CIA triad (Confidentiality, Integrity, &
Availability).
Why do we care?
Estimated upwards of $250 billion of loss is associated with cybercrime, and the cost
increases every year.
Know your Enemy
Cybercriminals, Terrorists, Foreign Nations, Insiders, Hacktivists and common thieves.
What can we do?
Use secure protocols when transmitting data – (HTTPS instead of HTTP)
Protect physical access to your systems: every time you leave the system, it
should be locked with Windows key + L
Don’t connect systems to the network without knowledge of security aspects.
Don’t bring media to work from home without prior approval
Scan all files before downloading
Download from trusted sites
Encrypt mail and other sensitive files
2. Protecting Identities
We live in a world of information sharing.
What is PII? Personally Identifiable Information
Over 17 million people were victims of identity theft in 2014, and this number is
on the rise.
Any information that can lead to locating and contacting an individual and identifying
that individual uniquely, like full name, mother's and father’s names, phone number
and other unique identity.
Don’t respond to unsolicited requests for personal information by phone or mail.
Watch out for shoulder surfers, specifically with coded access to buildings and when using
ATMs.
Store personal information in a safe place at home & at work.
Install firewalls and virus detection software on your system.
Protect against Social Engineering
Social engineering is the greatest threat for gathering sensitive information and
compromising confidentiality today.
Phishing, pretexting, baiting, tailgating and quid pro quo are all types of social engineering.
What can we do?
Require multifactor authentication
Trust no one!
Install anti-malware
Don’t leave valuable information on your desk
When in doubt, call the security team
Best Practices to keep your system safe
Always log off or lock your system if you leave.
Keep system patched and up to date
Use strong passwords
Encrypt sensitive files
Disable insecure mechanisms if possible
Don’t forget physical security
3. Data protection aspects
Email Precautions and Procedures
Often e-mail attachments are a means of distributing malicious code.
Many viruses will “read” an infected user’s e-mail list and replicate; that a message
appears to originate with a trusted source does not mean that is true.
Often, by clicking links in messages, your system becomes infected, and these links may be
used for phishing.
What to do?
Do not click on links in messages
Verify with known parties
Do not download files from unsolicited sources
Watch for poor grammar, misspellings, urgent messages, pleas for money, etc.
Protection Against Malicious Websites
Rogue websites are used to collect information, intercept information, and
distribute malicious software.
Browser hijacking: if a site won’t allow you to access any other site, be
suspicious! Has your homepage or search engine been modified without your
permission?
“Free downloads” may be spyware or other malicious software.
What do we do?
Avoid suspicious sites.
Don’t download files from peer-to-peer sites
Use Secure protocols.
[Figure: Protection, Security, Information, Data, Privacy, Code safety]
4. Don’t ignore security warnings
Don’t change browser security settings unless instructed to do so by the
security team.
Prepared By- Kanishk Raj (Cyber Security Certified by Cybrary.com)
Reference by- Cybrary.com