When thinking seriously about Windows network security, an absolute must for an organization is to create a well structured security policy. However, regardless of the best intention from management, gaining top to bottom commitment is difficult to the point of being nigh on impossible.
Humans are the weakest link
Research conducted by IS Decisions found that over 70% of office workers don’t know who to report a security breach to. Fewer than a third knew who to contact within their company if they suspected their computer or another device had been subject to a security breach, such as a compromised login or phishing attack. The research also found that the majority of people (52%) do not realise that sharing their work-related logins can represent a significantly security risk to their employer.
This behavior and lack of awareness shows a shocking deficiency in effective user security training. The fact that the overwhelming majority of office workers have no idea how to report a security breach is a very worrying statistic. It needs to be addressed, but more training or stricter policies alone are not going to help solve this problem.
Bad user behavior or security knowledge isn’t just the result of poor education, it’s that security is never going to be the top of everyone’s priority list. User are human beings, they are flawed, they will always act outside the boundaries of policy (and sometimes common sense).
Help to mitigate the risks
This unintentional insider threat is a serious security concern. However mitigating the risks is not a simple task. Better training can certainly help but an optimum strategy should include help from technology solutions, such as UserLock.
UserLock can help address these flaws by outrightly restricting some of that bad behavior, as well as helping educate and disseminate good behavior so employees can get ‘on-board’ with security policy.
Greater control handed to administrators to monitor and restrict user access allows them to reduce surface area for potential attack whilst things like user alerts remind users of why policies are in place and how they should be behaving on the network.
Enhanced network logon security offers more protection
The latest version, UserLock 8 brings several additions to the product, notably in helping guide and disseminate good user behavior and enabling admins to better respond to potential insider security events.
More intelligent threat detection
The real time monitoring now incorporates a risk indicator, identifying suspicious network access behavior at a glance. The new User Status feature evolves according to the user’s actions and their customized authentication controls. It delivers a complete view of an organisation’s network activity and risks, allowing administrators to focus on activity deemed to be of risk or high risk.
Compromised password protection
UserLock 8’s real time monitoring allows administrators to act immediately to compromised login credentials, but also alerts users when their login credentials are used (successfully or not) to connect to the network.
New remote session administration design allows facilitation from any device, so administrators can still respond rapidly on the move using a smartphone, tablet or computer.
Secure privileged users
Settings, logs and policy rules can now be secured even for UserLock 8’s privileged users, protecting against bad behaviour by those who have administration rights and answering the need for many major regulatory compliance requirements.
UserLock underpins any organization’s security policy to ensure it’s not just a piece of paper or something that managers create and workers ignore. The feature updates to UserLock 8 will make the job of managing and securing a Windows network easier, as well as help educate users and promote better security behaviour.