WebSafetica
      Back to home
      1. Legacy products
      2. LEGACY: SAFETICA ONE 10
      3. WebSafetica

      Security issues

      This article explains security issue warnings displayed in WebSafetica.

       

      Information in this article applies to Safetica ONE 10 or older.

      Introduction

      Security issue warnings are visible in WebSafetica and in the Security Audit report.

      They describe company security status and data flow in specific communication channels. Security issues and related recommendations are based on audited data, recorded employee activities, and configured security rules. If these issues are not handled properly, they may pose a threat to sensitive data and company workspace.

      In this article you will learn about:

      What do security issues look like? 

      Security issues are color-coded accordingly to their status:

      Unresolved security issue - red

      Any unresolved security issue poses a risk to the company and immediate attention should be paid to it. For example, a security issue may arise in situations when there are insufficient or completely missing security policies preventing leakage of sensitive data.

      Example: 10 sensitive files were sent from your company via webmail services, which are not controlled by any security policy.

      Treated security issue - green

      If security measures are sufficient then a security issue is labeled as treated. However, continuous attention should be paid to the situation and you should regularly check that the security settings are reflecting the company's current requirements.

      Example: You have set security policies for webmail services and defined where sensitive files can be uploaded.

      Hidden security issue - grey

      A security issue which the company resolves by different security tools can be hidden. This way, only unresolved issues appear and the admin can focus on other important problems. Previously hidden issues can be restored.

      Example: 10 sensitive files have been sent from your company via webmail services, which are not controlled by a security policy.

       

      Types of security issues and how to resolve them

      Security issues cover a number of areas, below are some of them:

      Fundamental security measures are missing

      The recommended basic security measures include setting up immediate warnings or regular e-mail alerts. If a security incident occurs, a quick response through immediate warnings is important to minimize negative impacts. Responsible persons can thus immediately deal with a risky issue. Also, a regular review of the company's security status via regular reports is an important part of the overall security strategy.

      To improve your company's security, we recommend the following:

      • Set instant email alerts for any security incidents you want to track. 
      • Check that the instant warnings are up-to-date and assigned to responsible persons. 
      • Set automated reports for all relevant areas. 
      • Check that the reports are up-to-date and are assigned to the responsible persons. 

      You can find out how to set up immediate warnings or regular e-mail reports in Safetica documentation. 

      Missing identification of sensitive company data

      Without understanding what data is considered sensitive in a company, it is not possible to create effective security policies and prevent sensitive data leaks.

      To determine what data is sensitive in a company, we recommend the following:

      • Check the files that employees are working with and identify sensitive data. 
      • Evaluate which files are leaving your company via individual communication channels. Check if any of these files should be categorized as sensitive. 

      More information on how to identify sensitive company data can be found in Safetica documentation. 

      Missing protection for a communication channel where sensitive data flow

      Sensitive data can leave the company through various communication channels, such as USB flash drives, e-mail messages with attachments, websites, cloud storages, and others. Each communication channel represents a specific risk to your sensitive files and it is, therefore, necessary to protect all of them. One of the most common methods of leaking data, for example, transferring large volumes of sensitive files to a USB flash drive. It's a very easy and fast way for a company to lose control of its data. Subsequent loss or theft of a USB flash drive will result in critical data getting into the wrong hands.

      To protect communication channels, we recommend the following:

      • Determine and check which communication channel is suitable for transmitting sensitive data. 
      • Restrict or disable the transfer of sensitive data via other communication channels using DLP policies. 
      • Determine trusted target locations for sensitive data.
      • View alerts sent to employees if sensitive files leak out via a non-authorized channel. 
      • Set up email alerts, triggered by copying a large amount of files. 
      • Provide employee training on standard security procedures when working with sensitive data. 

      Please refer to Safetica documentation in order to set up DLP policies, restrict inappropriate channels, or create alerts.

      Lack of restrictions for high-risk applications or websites 

      Understanding which applications or websites employees visit, helps companies to discover security risks and gain better insight into work-related user activities.

      To reduce high-risk employee activities, we recommend the following:

      • Set policies for applications and websites to prevent the use of risky or dangerous websites and applications. 
      • Set up regular automated reports on used applications and visited websites
      • Check which applications and websites are being used. Evaluate if the website categories need editing. 

      How to reduce the use of risky applications and websites can be found in Safetica documentation.