Information security refers to a collection of procedures for protecting data from unauthorised access. Information security is a major concern in every organisation and has become increasingly important nowadays. The following steps can be done by users in an organisation to ensure information security.
If a virus is detected, you should:
- Stop working right away, but don’t turn off or reboot your computer.
- Contact Help Desk or information security personnel immediately.
- Make notes of everything you can remember related to the incident.
- Turn on safe mode. This ensures that the malware isn’t loaded as you only have access to core files and drivers.
- Update the security system to the latest version. Doing this will reduce the risk of flaws in old code being exploited by criminals to install malware on your computer.
- Take an action depending on the malware you have. If you can identify whether it’s ransomware or crimeware, you might be able to take specific steps to resolve the issue.
End-users are the first line of protection in the fight against computer viruses. Some of the roles and responsibilities of end users in information security include:
- Report all suspicious activity to the respective authorities.
- Make sure to have an antivirus or firewall on your device.
- Maintain confidentiality.
- Never share your passwords with others.
- Avoid clicking on unknown links.
- Store paper and computer media containing restricted and confidential information in suitable locked cabinets or desks when not in use or when unattended.
- Protect mail and fax machines from unauthorised access.
- Terminate active computing sessions when unattended, unless they have a suitable locking feature, such as a password protection.
- Do not install or run unknown software
- Report virus incident to your Help Desk
- Do not open email attachments from unknown senders.
- Verify and check attachments from unknown senders before opening.
- Use encryption programs or file compression with encryption programs if sensitive data are stored on the hard drive.
No organisation is immune to cybercrime. It is necessary to have a security team in place and also make sure everyone in the organisation is aware of the responsibilities and protocols to be followed. Not being responsible enough can lead to severe damage with dire consequences.