It is a well-established fact that one of the biggest threats to information security is “the human factor”. Check out some of the worst security SNAFUs of 2014 from Network World and find out how you can protect yourself and your customer from future threats.
Malware that has inadvertently provided entry to a system via a non-malicious user’s lack of knowledge and/or innocence is the most difficult to protect against. KioWare is not anti-virus software, but it is protective software that can restrict users from inadvertently accessing malicious links, or downloading malicious programs. Kiosk software offers security features that are useful in many more situations than what most people consider typical kiosk deployment.
Block Unauthorized Websites
Neiman Marcus was hacked in January of 2014, via a “malware-based cyberattack”, allowing access to information related to about 1.1 million payment cards of its customers. A malware based cyberattack is often successful, as mentioned above, due to social phishing schemes. Kiosk system software like KioWare can protect your user by disallowing access to unauthorized websites and block downloads.
Block External Devices
In February, AIG disclosed that a former employee had taken information related to three quarters of a million customers. The information was taken on a hard drive. If that hard drive was an “external” drive, this could have been prevented with kiosk software that disallowed external devices.
An employee of the IRS took home personal information on about 20,000 individuals in March 2014. The information was stored on a drive. Similar to the AIG breach, if the drive was external (and connected through a USB connection), this could have been prevented with proper kiosk software installation and configuration.
Block Access to Email
April’s cyber attack on the Veterans of Foreign Wars made use of malware, likely introduced through social phishing. While kiosk software and anti-virus software can limit the effectiveness of social phishing attacks, only education and user vigilance can stop the effectiveness of these attacks completely. Blocking access to email, for instance, can limit users from succumbing to phishing emails.
In May, a suspected Iranian hacker group used social phishing via Facebook and Linked In profiles to email malicious links to targets. The links, when clicked, were designed to gain access to email account credentials. Blocking access to unauthorized websites via KioWare is one such way to make sure that company computers are safe from these malicious links.
Restrict Printing, Block Email To Links
Also in May, Home Depot found than an employee gained hold of 30,000 customer accounts. This employee was “authorized” to access the information but then shared the information with unauthorized third parties. By using kiosk software to restrict the ability to print, email, or save the data to external devices, coupled with employers restricting access to only those that “need to know” the information, you can protect your devices and your data while also allowing users access to the information they need in order to do their jobs properly.
Restrict Access to the OS & File System
June’s breach at Butler University in Indiana was also due to the use of external devices to copy data. A flash drive with Butler employees’ personal information was found on the suspect. Kiosk software restricts access to flash drives so you can eliminate this easy method of copying data and removing it from the secure company server. Kiosk software also restricts access to the operating system and file system, meaning that those that should not be able to view sensitive data are restricted from doing so.
Restrict User Access for HIPAA Compliance
A HIPAA violation at NRAD Medical Associates occurred when an unauthorized employee accessed health information from the billing system. Restricting access to information is a key part of HIPAA compliance and can be upheld with kiosk software that allows users access only to the information, websites, and/or web based applications that are required for their job.
While kiosk software does not protect from DOS attacks or hardware theft, it does provide a layer of security from both intentional and unintentional malware attacks, the accessing of files by unauthorized users, and the copying of data to an external and removable device. KioWare serves as a layer of defense to protect your user and your data. Learn more about KioWare kiosk software here.