One Big Fix for Cyber Security

Think of your PC as a typewriter again.Want great cyber security? Establish a universal policy that desktop and laptop computers are STRICTLY for business use only. Nothing else. Nothing. No entertainment of any kind. No personal email. No Netflix. No Pandora. No Facebook. Block the addresses. Only business applications.

This would usher in cyber security nirvana at your organization. But you still think I’m nuts. Please give me a minute to defend my sanity.

You don’t have to tell your users to stop having fun at work. There is an alternative! Have fun on your smartphone or tablet! The only reason we think of using the PC for fun is that we became accustomed to that in the pre-smartphone era. It’s no longer necessary.

Set up two networks if you don’t already have them, one inside the firewall and one outside. The PCs (desktops and laptops) get inside access. Everything else connects outside.

Lock down the PCs. Only business apps. No administrative rights. If possible, no local file storage. Put files in the cloud. Require multi-factor authentication. Encrypt the drive. Anti-virus and Advanced Threat Protection. Make it a secure office machine. Think of it as a very, very smart typewriter, not an amusement park.

Keep the amusement parks (phones) away from the on-premises network. Let them get business email, calendars, tasks, and even files, from the cloud. Institute mobile device management, with the level of sophistication of Microsoft Intune, which has apps management.

The Cyber Security Benefits

What would this give you? A clear inventory of what is on your PCs. Better patch management. Simpler desktop support. Virtually zero loss to ransomware. A built-in incident response plan: Wipe it! What do you lose? Reinstall that software image.

If you want to make those PCs even more safe, implement application whitelisting, which shouldn’t be much of a problem with a strictly limited list of business applications.

Your organization owns the PCs you lend to users, doesn’t it? Start acting like you own them. Repeat after me: This is your PC, and this is your phone. One is for working, and one is for fun.

Tim Haight
About the Author
I'm VP of Technology Services for CGNET. I love to travel and do IT strategic planning.

Leave a Reply

*

captcha *