Posted by: Heather Shy on December 13, 2019 at 12:00 pm
Have you heard the term “human firewall?” It sounds a little strange, but the concept is sound.
What is a human firewall? A human firewall refers to training your staff in basic online safety and security. After all, despite available protections, email is a common entry point for scams, ransomware and viruses. Human beings are often the last line of defense against these.
Sure, most businesses already have antivirus, antispam, and – oh yes – actual hardware firewalls in place to protect their computer network. These are all necessary. But, if some bad actor gets through these digital defenses, and their bad link reaches someone’s in-box, what is the last protection for your network? The human being receiving that email.
Think about it: Antispam and antivirus software, and hardware firewalls all have parameters they check to determine if an email or web site is safe. Why shouldn’t your staff have the same? If they know the danger signs, or your company has strict policies in place, they won’t click.
No, we’re not telling you that your entire staff must become cybersecurity experts. There are a few basic things to look for and policies to set, however, that can help your staff protect your network.
Some Simple Signs
Here are a few common scams, with links to our previous posts on these:
The CEO Spoof. A scammer creates an email that appears to come from an executive in the company, and sends it to one or more employees. Frequently, these emails ask the employee to send gift card codes, perform a cash wire transfer, or surrender employee W-2 information. How can your staff defeat this scam? Have a policy in place that requires a second, independent verification for these kinds of requests.
The Imposter Page. This scam email appears to come from a respected, national company and can be very convincing. We’ve seen UPS, LinkedIn, and other household names used for this. The email will tell the recipient of a problem with their account, and include a “helpful” link for logging in.
Celebrity News! This is another common tactic – scammers capitalize on normal human curiosity, sending links claiming to have salacious news, video, or photos.
The Angry Client/Vendor. This email subject line refers to an inaccurate invoice or a missed payment. It often contains a file attachment. The solution is simple: do not open attachments from businesses you don’t know!
Hi, I’m From Tech Support. Usually a phone call, this scammer pretends to be from “your IT company”, and is after passwords and information they can use to hack into your network. Know your IT provider!
Resources for Your Human Firewall
Each October, we round up our cybersecurity posts for National Cybersecurity Month. Take a look at this year’s list for dozens of articles and information that can help you and your staff protect your data and your customers.
Need a hands-on approach? Fill out the contact form or reach out to your account manager, and ask about our in-house cybersecurity training. We will have one of our experts come to your business and educate your staff on common cybersecurity threats and what they can do to defeat these.