Every employee shares one inescapable flaw that is putting businesses at risk – they are human.
Up to 59% of data breaches can be traced back to something an employee did or didn’t do, which helped create a security incident or cyber-attack.
To help prevent security issues, build security awareness and respect into your company culture, so that maintaining digital security becomes as simple as making a cup of coffee.
Use complex passwords: Every employee, including management and owners, needs to use an alphanumeric password that they haven’t used before. Password managers can assist with making sure they’re never forgotten.
Verify unknown identities: Not familiar with ‘Jenny from Accounting’ who has called to ask for sensitive information? Double-check the caller’s identity and access permissions before releasing any information. Hackers love to play on our desire to help other people.
Encrypt by default: People regularly transfer data to a laptop, USB drive or smartphone so they can work offsite. Unfortunately, this equipment can be easily stolen or lost. Set operating systems to encrypt data by default, so that it becomes useless in the wrong hands.
Protect portable devices: Laptops, mobile phones and other portable devices should always require a password and be set to auto-lock after a short period of time. Never leave them unattended in cars, buses, restrooms, etc., and if travelling by plane, take them on board as carry-on luggage.
Set personal usage rules: Many businesses block productivity vacuums such as Facebook and other websites, but what are the rules regarding games, video streaming or shopping? Can users install their own software? When business devices are used for personal purposes, security tends to slide, which results in unintentional malware installation. Also, don’t let an employee’s spouse or children use any company device.
Educate often: People often fall into the “it won’t happen to me” mindset. As security threats change regularly, have a quick five-minute discussion once a month to remind staff that they always need to be vigilant.
Some things to discuss with staff are:
- Links in emails – Hackers often send emails that look like they are from your bank, phone company or similar. Be sure to check the link by hovering over it with your mouse. This method of attack is known as ‘phishing’.
- Tech scam popups – Be on the lookout for popups advising that your computer is infected and you need to call a phone number or download software.
- Email attachments – Never open an unknown attachment, even from people you know and trust. If you are not expecting an attachment from the sender, always contact them to confirm, and scan for malware before opening.
If you need help implementing better security practices in your business, give us a call on 08 8326 4364 or via email at firstname.lastname@example.org