Skip to content

Device Security Tips


Patching with security updates:

As vulnerabilities in operating systems or critical applications are found, software developer teams work to quickly resolve those. Without updating your machine, these vulnerabilities and exploits can be used against you.

Malware often infects via a drive-by-download vulnerability coming from viewing malicious content in a web browser. These exploits frequently target Adobe Flash, Microsoft Silverlight, and Oracle’s Java so these applications are good to keep updated or uninstalled if not needed.

More targeted attacks often come via targeted emails. These frequently include malicious emails and often target work-related applications like Microsoft’s Office suite and Portable Document Format (PDF) viewers. As such these applications are important to keep updated.

Using a current web-browser and operating system:

Technology is always evolving and it is important to not be left behind. This suggestion really amounts to keeping your systems patched. Microsoft quit supporting Windows XP in April of 2014. As such, any vulnerabilities found after that have not been fixed. Security patches for Internet Explorer versions 8, 9, and now even 10 are no longer fully supported by Microsoft.

Browsers like Google Chrome, Mozilla Firefox, and Microsoft Edge have moved to an “evergreen” continual update model to try to keep their users on the newest and supported versions. Microsoft is aggressively pushing Windows 10 adoption to get users on a more consistent and continually updated platform.

Keep Anti-Virus / Anti-Malware Updated:

As a company, Paycor has chosen to invest significant financial resources into our antivirus and end-point antimalware capabilities as we believe it is an important piece of our network protection. We recommend our clients make a conscious decision about using detective and possibly preventative malware software.

Be cautious opening email attachments and clicking on links: Do not open attachments unless you know who sent it and what the file is. Malware frequently gets emailed as Microsoft Office attachments with macros, Rich Text documents (.RTF), javascript (.js) attachments, and .PDF documents. Even if you do trust the sender, if they got infected by malware, the malware could be spamming infected emails to known contacts.

Avoid Shared/Kiosk Machines and public-WIFI:

Kiosk machines in hotels or other shared devices present a threat in that they are frequently infected with malware. If the machine is infected, and kiosk machines frequently are, any accounts you access could be compromised.

Because of encrypted communications (HTTPS), many users do not worry about using Public WIFI. Unfortunately fraudsters configure free public WIFI hotspots that inject malware as you are using the internet.

If a malicious user gains access to your computer, they likely have access to your email, any downloads you have saved, any passwords you have saved. This is extremely significant for administrators in the HRCM space and employees as well.

If you think you have used a machine that had malware with your Paycor.com account, it is important to reset your password from a different machine, and to let your IT know. For hr or payroll administrators it is important to your specialist know as well.

The United States Federal Trade Commission (FTC) website has some other great tips about keeping your computer safe from malware https://www.consumer.ftc.gov/articles/0011-malware.