Developing a Security Mindset

What’s that, you say?  A Security Mindset is one that considers security needs to be top of mind in the approach used in all manners of business computing. In one sense, it’s being conscious of best practices mentioned in our security awareness training sessions, such as always seeking in-person verification for any financial changes.  However, in another sense, it’s embracing new technologies like Application Whitelisting within Suite3’s ZeroTrust solution.

ZeroTrust has the ability to be the single most impactful way to prevent viruses and ransomware from effecting any of our clients, as it should prevent their payloads from ever being deployed within an environment.  However, it also means that users within these clients have to embrace that the added level of protection may add a step during certain aspects of computing.

We are currently running ZeroTrust in our environment, and our CTO Mike Lareau shared an interesting story and perspective during an internal meeting last week that illustrated his adoption of this mindset.  As a favor to our landlord, Mike will occasionally update the digital signage boards in our building for him.  He was at the shop last weekend and was editing the boards for the first time since setting up his new laptop a few months ago.  As a result he had to download the installer for the sign management software to his new laptop, and when he tried, he was prompted to approve the installation with ZeroTrust.

The process for the approval of the application added no more than a minute to his total task, but it was the thought that flashed through his head that he found so interesting – namely, that he felt an added level of comfort knowing that the ZeroTrust safety net actually would have protected his laptop if the file he downloaded was malicious and was installation was attempted without his approval

If a similar task had been conducted by a client, the request for application installation would be directed to our staff for clients without internal IT staff, or to the internal IT help desk for those that do. That IT review stops unauthorized installations of software in their tracks, best preventing threats from spreading at the outset.

Solutions such as Application Whitelisting are a security philosophy instead of just another layer of protection.  THAT is the Security Mindset at work.