IT Security | Management Suite

Using Deploy Scripts to Elevate User Cybersecurity Awareness

16. March 2021, Avatar of Felix ZechFelix Zech

In my last blog post,  I looked at how SecOps can strike the right balance between IT security and productivity. But any IT admin managing endpoints knows that even the best IT staff using a super-capable UEM solution needs an assist from one key area: users.

Despite increased user training, hackers continue to be successful distributing ransomware or malware and harvesting sensitive company data via email file attachments and links to bogus websites. Trusting in the ability of users to detect and avoid increasingly well-disguised attacks is not only ineffective, it’s a form of carefully formulated negligence. A better approach is to give them a bit of additional technical assistance with one of our UEM tools.

Gibt es Möglichkeiten, wie die Unternehmens-IT ihre User hier unterstützen kann?

Oder muss sie sich allein auf das Vertrauen in die IT-Mündigkeit der Kollegen/innen verlassen „à la ‘der User wird schon wissen, was er klickt‘“? Die Antwort lautet „ja“, denn allein auf das Wissen der Mitarbeiter/innen zu vertrauen, ist vorsichtig formuliert fahrlässig. Administratoren können über zusätzliche technische Hilfestellungen aktiv dazu beitragen, die IT-Sicherheit im Unternehmen auch mit Blick auf ihre User/innen nachhaltig zu verbessern. 

Dafür stehen heutzutage vielfältige Optionen zur Verfügung, von denen ich eine ganz besonders in den Vordergrund stellen möchte: die baramundi Deploy Scripts.

Empowering users via baramundi Deploy Scripts

A baramundi Deploy Script (bDS) is a script written in a proprietary scripting language within baramundi Management Suite. It is most often used by IT administrators to automate common tasks across multiple machines including:

  • copying files
  • changing registry values
  • writing text in files
  • executing various processes
  • displaying alerts and messages with content from multiple sources

IT admins can use bDS is to draw users' attention to potentially dangerous files, sort of like the Wanted Posters or notifications that the FBI, Interpol and other law enforcement agencies use to help find criminal suspects. For example, an admin could create scripts that show users the extensions of suspicious files. The script can also display messages on how to deal with suspicious files, such as requesting that the user notify SecOps or forward the suspicious file (safely, of course) IT teams can use similar messages  – which users cannot skip – to share info about active malware or other threats. That includes integrating content from webpages, which are displayed as an active window in the foreground that can only be closed if the user has read and acknowledged the info.

Support for proactive malware detection

Another helpful option allows admins to track when and where users read messages about cyber threats. Admins do this from the main baramundi Management Console. Scripts also can be integrated with other endpoint management tasks or “Jobs” via Baramundi Job Control. That enables messages to be automated and displayed when certain conditions exist, at specific times, or repeated as needed.

Users as a risk factor

Cyber threats change and evolve in frequency and severity. But one thing that remains consistent – and that hackers take advantage of – is human nature. In other words, users tend to be the weakest link in cyber defenses. That’s not a knock on users, just a fact of life. German cybersecurity education experts at IT-Seal report that since 2018 half of all employees click on links in phishing emails. Employees in HR, finance, IT and production are targeted most frequently  because they often have the greatest access to sensitive business information. Their access rights also tend to open more attack vectors to other parts of the company network once a PC has been compromised. 

You only need to scan daily IT industry newsletters to understand the consequences of a successful attack. That’s all the more reason to take advantage of the tools built into bMS for improving user cybersecurity awareness as part of a multi-layered defense strategy.

Read more

Entries 1 to 3 of 3