For good reason, organizations regulate their employees’ access to their office devices. Of course, there are no overarching rules but organizations try to adopt a ‘horses for courses’ approach, i.e., an employee working in the financial sector who handles confidential data day in, day out may only be allowed to use their device to log on to the company network. On the other hand, the same organization might allow employees in its marketing department to use the Internet without any access restrictions.
All organizations though agree on one principle – office systems cannot be used to conduct illegal activities. There is a very good reason for that: companies could be held responsible and be liable for penalties if law enforcement agencies discover that their company systems have been used to commit illegal activities. Ultimately, an organization is responsible for the activities conducted through its system and that’s why the necessary controls must be imposed.
Section 85 of India’s Information Technology Act 2000 lays out the law, “…it is proved that the contravention has taken place with the consent or connivance of, or is attributable to any neglect on the part of, any director, manager, secretary or another officer of the company, such director, manager, secretary or another officer shall also be deemed to be guilty of the contravention and shall be liable to be proceeded against and punished accordingly.”
What kind of controls can enterprises implement to ensure their systems are not being used for illegal activities?
Web & URL Filtering
Seqrite’s Endpoint Security (EPS) and Unified Threat Management (UTM) solutions allow administrators to impose controls on access to non-business-related web traffic. Controls can be customized according to the organization and group policies can also be created for separate groups of users. The key purpose of this feature is to ensure that employees cannot visit malicious or illegal websites, hence preventing them from carrying out any malicious activity on a business system.
Enterprise Mobility Management
It is also important for enterprises to create a safe mobile ecosystem for business devices, especially in the era of COVID-19 where employees continue to work from home. Seqrite mSuite offers a powerful Device Management feature with remote lock/unlock, locate/trace & device data wipe options. Real-time device tracking with map support is also offered.
For enterprises that have rolled-out BYOD, Seqrite Workspace goes a step ahead by offering powerful mobility BYOD device management and security solutions. This ensures that enterprise data remains safe while employees are restricted from mishandling enterprise data.
App Management
App Management is critical at a time when even official app stores from big providers have fraudulent or fake applications listed from threat actors. There is a risk of these apps being downloaded on business mobility devices and then taking control of the entire device thus endangering business data.
That’s why Seqrite mSuite’s App Management feature allows the option of blacklisting and whitelisting of apps while ensuring only authorized apps can be used by a user. Thus, malicious apps that could be used for illegal activities can be summarily blocked.
Asset Management
Administrators must be vigilant of their assets to the extent that they should closely monitor the hardware and software configurations of their devices. Any unauthorized approval should appear as a flag. Seqrite’s Endpoint Security (EPS) ensures administrators are alerted whenever there is an alteration on a company system. This ensures any usage of a potentially illegal application can immediately be investigated and revoked.
