It’s a New Year—a time for reflection and getting things in order. One resolution you can make to ensure a more secure 2017 is improving workforce cyber hygiene.
By properly training employees in smart cyber security habits and setting clear expectations, you can minimize security debacles. In fact, everyone could use a refresher, even Facebook CEO Mark Zuckerberg, who was caught using a less-than-stellar password last year.
Importance of Employee Cyber-Awareness
You may have awesome IT support and the latest firewalls and email gateways keeping a watchful eye on your perimeter. But if your employees are clicking on any old link they find in their inbox or using 1234 as a password, you have a problem. A cyber-naïve workforce is the weakest link in an organization’s cybersecurity defense.
A data breach can be devastating, with the average cost reaching $4 million. And that doesn’t take into account loss of customer trust. It should be stressed that it’s the responsibility of all employees to safeguard sensitive information and company resources.
How Employees’ Online Activities Put Business at Risk
Compromised credentials are a common way for attackers to breach a network. This means a hacked password can give cyber criminals easy access to all kinds of information.
Another concern is the growth of social media. The benefits of social media are undeniable. Still, there are dangers. When used carelessly, social media can lead to leaks of confidential information and loss of intellectual property. Hackers also use social networks to spread malicious code and gain access to personal information. Simple employee education can help curtail these lurking dangers.
Tactics Hackers Use to Exploit Risky Employee Behaviors
Cyber criminals have upped their sophistication, but some tactics that have been around for years are still successful. That includes social engineering schemes, like phishing. A recent study showed 23% of users open phishing emails and, more alarmingly, 11% click on the attachment.
Best Practices for Teaching Employees about Cybersecurity
Make cyber security part of your company culture by reinforcing these simple steps to your employees:
- Keep a clean machine: Set guidelines on what employees can install on work computers. In this age of BYOD, employees also need to be careful with their own devices.
- Beware of suspicious links: Even if they know the source, employees shouldn’t click on odd-looking links. Educate employees on how to use spam filters.
- Use strong passwords: Hard-to-crack passwords are a must. Encourage employees to use sentences at least 12 characters long, and require them to use unique passwords for different sites.
- Back up work: Either set your employees’ computers to back up automatically or tell employees how to do it and how often.
- Be vigilant: Encourage employees to speak up if something doesn’t look right. They should feel comfortable questioning an email request, even from a superior.
A well-trained staff, combined with effective IT support and a high-quality managed security services provider (MSSP), can get you on your way to a secure cyber future for 2017.