Business owners need to take an active role in their business’s security measures, and cybersecurity is no different. There are several basic terms beyond “virus” and “hackers” that business owners should know to get them thinking about the vulnerabilities their business can face from the online world, so they can take steps along with their IT staff to prevent cyberattacks from wreaking havoc.
Bring your own device (BYOD) – This is a policy many companies have been subscribing to in order to save massive costs on supplying their workforce with smartphones and computers, since ownership of such devices has become so prevalent. This type of policy does entail some risk, however, since employees may deal with the company’s sensitive information and may not have the proper security precautions on their devices.
Distributed denial of service (DDoS) – This type of cyberattack occurs when a computer or a network is plagued with massive numbers of requests for access. The system is flooded by requests that attackers can generate using hijacked servers and computers. Servers are unable to handle all these requests and fail as a result. Hackers often do this by exploiting Domain Name System (DNS) servers, which are essential for connecting the world’s computers. With DNS attacks, attackers can redirect thousands if not millions of computers to their targets’ servers.
Endpoint detection and response – This is a security strategy that relies on analyzing all network activity and investigating any suspicious activity. Endpoint detection and response software is the main guard against attacks that come from the connection between a service’s network and a client’s device. It uses multiple software solutions and strives to be a preventative solution rather than a reactive one.
Honeypot – This is a preventative security strategy that involves the setup of a “bait” server that looks legitimate and appears to contain valuable data, but is a decoy. Security can instantly know when a honeypot is targeted by hackers and use the incident as insight into how they are attacking and finding vulnerabilities in their real servers.
HTTP vs. HTTPS – Hypertext Transfer Protocol is the common language of networks and how computers exchange information over the internet through web browsers. Hypertext Transfer Protocol Secure is the newer iteration of the system and much more secure. HTTPS encrypts these exchanges to prevent them from being intercepted and exploited by outside forces. HTTPS is becoming the standard for websites, but many still run on HTTP.
Intrusion detection system – This is the system put in place to monitor suspicious activity within a network and alert security experts when a compromise has been detected. Security information and event management (SIEM) is a form of this that incorporates a heavy amount of logging and network activity analysis.
Keylogger – This is a program installed through exploits or malware that records a user’s keystrokes and reports them to the attacker. This can unveil usernames, passwords and other sensitive information.
Screen scraper – This is a similar type of program to a keylogger. It records the input that goes into a display device, basically recording what’s on your screen and sending it to the attacker.
Malware – This is the umbrella term for any malicious code or program meant to damage computers, steal information or serve other criminal purposes. Malware includes viruses, Trojans, worms, rootkits, spyware and ransomware.
Mobile device management (MDM) – These systems allow companies to monitor and act when an employee’s device may be compromised. Systems can include theft prevention software, cloud protection, email and messaging encryption, and the ability to wipe the device of sensitive data.
Multi-factor authentication – This security protocol requires users to provide two or more forms of identity authentication to access a network. This can include multiple passwords, physical keys or biometric factors such as a fingerprint reader.
Phishing – This is an attempt to fraudulently obtain sensitive information from victims using email or other forms of messaging. Spear phishing is a sophisticated form of fraud that targets specific people and is preceded by research and reconnaissance to convince the victim that it’s a legitimate source. The best way to prevent successful phishing attempts is to require external verification when exchanging sensitive information such as passwords and keys.
Ransomware – This form of malware encrypts a network’s data and effectively holds it hostage until the users pay a ransom, usually in the form of untraceable cryptocurrency. Ransomware will either threaten to release sensitive information to the public or continue to lock out users, making a company unable to perform its service.
Sandboxing – This is a preventative technique for companies to test for legitimate code. It quarantines suspicious code, such as possible malware, and executes it in an isolated environment where it can’t do any harm.
Spoofing – This is the act of fraudulently appearing as a different source. Hackers will spoof email addresses to appear as if they’re from certain companies. They could use this to trick the recipient into giving up sensitive info or downloading malware. A more advanced form is IP spoofing, which makes a website appear legitimate. Then the victim is unknowingly redirected to a false address where attackers can download malware.
Virtual private network (VPN) – This allows users to securely access a network’s secure applications and data through a nonsecure internet connection. These are common among companies that keep certain applications and data on a secured network but have remote workers. This helps ensure that attackers cannot intercept sensitive data through the connection.