Cyber Defense Magazine – August 2019


It’s not just about which permissions – it’s about who has access to the permissions. Only give access
to trusted apps.


Use a continuous monitoring, detection, and response system. Diligently analyzing the traffic flowing in and
out of the network and devices is one of the only ways to prevent certain threat vectors. Intrusion
detection and prevention systems (IDS/IPS) can be installed on the company network or on each device
to monitor and defend regardless of which network the device is connected to. Threat hunting in the “calls over the wire”
offers one of the best vantage points from which to detect hidden malware reaching out for instructions or pulling down the
next phase of the attack.
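
One way to hunt for malware "reaching out for instructions" in outbound connection logs is to look for call-outs that repeat at a near-constant interval. The Python below is an added example, not part of the original article; the log format, host names, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample of outbound connection records:
# (seconds since start of capture, source host, destination address).
SAMPLE_FLOWS = [
    # laptop-7 calls the same address roughly every 300 s, day or night.
    (0, "laptop-7", "203.0.113.50"), (301, "laptop-7", "203.0.113.50"),
    (599, "laptop-7", "203.0.113.50"), (902, "laptop-7", "203.0.113.50"),
    (1200, "laptop-7", "203.0.113.50"), (1498, "laptop-7", "203.0.113.50"),
    (1801, "laptop-7", "203.0.113.50"),
    # Ordinary, bursty user-driven traffic from the same laptop.
    (5, "laptop-7", "192.0.2.10"), (40, "laptop-7", "192.0.2.10"),
    (47, "laptop-7", "192.0.2.10"), (610, "laptop-7", "192.0.2.10"),
    (1300, "laptop-7", "192.0.2.10"), (1310, "laptop-7", "192.0.2.10"),
    (1790, "laptop-7", "192.0.2.10"),
    # Too few observations to judge either way.
    (100, "laptop-3", "198.51.100.9"), (400, "laptop-3", "198.51.100.9"),
    (700, "laptop-3", "198.51.100.9"),
]


def find_beacons(flows, min_events=6, max_jitter=0.10):
    """Return {(src, dst): mean_interval_seconds} for near-periodic call-outs.

    A pair is flagged when it has at least `min_events` connections and the
    gaps between them vary little: standard deviation / mean <= `max_jitter`.
    """
    stamps_by_pair = defaultdict(list)
    for ts, src, dst in flows:
        stamps_by_pair[(src, dst)].append(ts)

    suspects = {}
    for pair, stamps in stamps_by_pair.items():
        if len(stamps) < min_events:
            continue  # not enough data to call it periodic
        stamps.sort()
        gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            suspects[pair] = round(avg, 1)
    return suspects


if __name__ == "__main__":
    for (src, dst), interval in find_beacons(SAMPLE_FLOWS).items():
        print(f"{src} -> {dst}: regular call-out about every {interval} s")
```

A flagged pair is a lead for the analyst, not a verdict: update checkers and telemetry agents also call out on a timer, so known-good destinations need to be filtered before escalating.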


Ensure the whole team has multifactor authentication enabled on all email accounts. Email is still the
most common delivery method for malware. Only allow employees to access their work email from secure
work devices (not their personal device or a device shared with a family member). Passwords for email
should be completely unique and never reused on another site.


About the Author


Frances Dewing is the CEO of Rubica. Since the company’s inception,
Frances built and directed Rubica’s core operations teams, including cyber
operations, customer support, finance, legal and human resources. Formerly
COO of Concentric Advisors, a consultancy specializing in cyber and physical
security for some of the world’s most high-profile figures, Frances was
instrumental in developing Concentric’s business in Seattle and Silicon Valley.
Frances is a Washington State attorney with a JD from the University of
Washington. She can be reached online via LinkedIn and at our company
website http://www.rubica.com