Everybody agrees that beyond great technology and stellar processes a key factor in improving security is raising employee awareness about cybersecurity related issues. One conundrum for the industry is that when security does its job, nothing is visible: no downtime, no stolen data, no firedrills, no drama, no media headline So how do you keep security as a top of mind topic?
If there’s a silver lining to the Target breach, the Heartbleed vulnerability and other recent headline-grabbers, it’s that they’ve been very effective awareness campaigns.. There’s nothing like a bad story to get everybody’s attention. So what can you do to help your employees understand that their everyday behavior might contribute significantly to protecting their enterprise against attacks?
There are a few features in the Palo Alto Networks enterprise security platform that can go a long way toward making security visible and reminding employees that whenever they connect to the Internet, whenever they download a file through their professional or personal email accounts, they might bring malware along to their enterprise network.
Here are a couple of examples where you can configure our platform to explicitly tell employees that they have or are about to perform a task that might compromise their company’s security. (Note that all the messages shown in the screen capture below can be customized).
1. Access to an unauthorized application: In this case, the employee is also prevented from completing the task and accessing the unauthorized application.
2. Access to an unauthorized (and/or high risk) web site: In this case, the employee is also blocked from visiting the web site.
3. Attempted download of a malicious file: The user is alerted and prevented from downloading an infected file.
4. Attempted download of an unauthorized file type: File blocking can be particularly useful in preventing users from downloading and installing additional software on company assets and can also prevent drive-by-downloads.
Configuring the Palo Alto Networks platform to bring up the above alerts might be particularly helpful in sectors where companies have a large employee population who works mostly with computer and connected devices. This would include financial services, healthcare, and high-tech.
For more information and use cases regarding the deployment of security policies and profiles on the Palo Alto Networks next-generation firewall, please download our Threat Prevention Deployment Tech Note.