How Your Employees Are Impacting Your Organisations IT Security
Your employees are the backbone of your business. The life and soul of the organisation, the people creating and pushing your product or service. So, surely, they can’t be putting your business at risk? Well, that’s where you’re wrong. It’s 2018, and not to make you skeptical, but there’s a lot of malware out there ready to cause you and your business all sorts of security issues.
In order to overcome and prevent security disasters, staff training is of high importance. But, what are we looking for? What do we need to be training our employees on or teaching them to prevent large-scale IT security disasters? And how are employees putting my business at risk in the first place?
Well, there is a multitude of ways security can be breached, some more simple than others.
Here are a few examples:
Using public wifi
Sharing passwords/login details
Saving business data to their own devices
Failing to install updates
Passwords – yup, as easy as that. You wouldn’t believe how easy it can be for someone to hack a password, especially to that all-important-data that is most definitely confidential and detrimental to your organisation in the wrong hands.
If you picture one employee having an easily cracked password, multiply that by how many employees you have (with weak passwords) …that is a lot of passwords and access in the wrong hands. A recipe for disaster, a data-security-disaster to be specific.
What should we do to prevent this?
First, you need a “password policy” within your organization. Perhaps implement a system which means employees have to regularly change their passwords, for example, every 3-4 months. There are simple and effective solutions easy to implement throughout your organisation. Introduce passwords prompts that only accept nine character passwords that are a combination of numbers, symbols, and letters both lowercase and uppercase. By educating your organisation’s employees on the need for password strength, as well as introducing policies for passwords, you will be taking a huge leap in the right direction, protecting your company from within.
Downloads, downloads, downloads…
With multiple employees, it can be difficult to keep track of everything going on – after all, more often than not they are in charge of their own working area and devices. When an employee innocently downloads an extension or is swayed into clicking on a link from a dodgy email server – all hell can break loose in minutes. In saying this, your employee was probably trying to help whether that be to increase productivity or efficiency, and it backfired. Once a virus is downloaded, it can travel relatively quickly, and not just through that one isolated workstation, often through the whole network. The last thing your business wants is the virus or hacker getting to important data, so maybe it’s time to think about some network isolation.
Prevent the virus’!
If you have a disaster recovery plan, then daily backups should already be set in motion. If you don’t, it’s a good idea to think about running virus scanners daily. This method can help eliminate virus’ on a single machine and help reduce data loss and consequential damage.
Downloads should be limited, so again, educating employees is key. Inform them of the dangers of clickbait via emails and ensure the company forms a security-focused culture to prevent any mishaps in the future.
Taking advantage of that free public Wi-Fi? Think again!
You’re in a hurry, or you’ve not paid last month’s Wi-Fi bill and you need internet quickly. That’s all very well for your weekends spent in cafes browsing the news and the latest football scores. But in the workplace, no, no, no! Public Wi-Fi tends to be unencrypted which means that anyone in a radius of the connection is able to intercept it with the right knowledge and skills.
Remember, most hackers do this for a living and are very equipped to cause some serious data issues. Employees on their work devices accessing public Wi-Fi are leaving themselves (and your organisation) open to harmful website redirects and virus’ getting to work as you browse.
Invest in a VPN
If you find yourself using public accessed Wi-Fi regularly then it’s time to purchase a virtual private network and give your computers, laptops, and tablets that extra layer of protection. This will help to improve security levels when devices are using the Wi-Fi or any other remote network.
Lost Portable Devices
This is every employee’s worst nightmare – the dreaded misplacement of an important piece of work equipment, please not the laptop, please! Believe it or not, it happens all the time. That flying business trip to Belfast, a mere 30-minute flight but you appear to have left your laptop in Starbucks. Not a great start. As an employee, you’re already picturing your bosses face, but, perhaps you should be more concerned about who gets their hand on your lost goods.
Not only does this make the data on your device vulnerable, it opens doors to your organisations network – some easier to close than others.
If you’re the kind of business where devices seem to follow you around, ensure all data is encrypted to the device drive and not just folders here and there. By doing this, next time your laptop or tablet goes AWOL, panic levels will decrease dramatically AND your organisation and network will be safe.
These are just a few of the ways how cybersecurity can be impacted. But remember, staff training is key. Take your organisations security seriously. Security disasters are easier to prevent than they are to fix!
If you are looking for more information or are looking to solidify your security, speak to us at Onestop IT. Not only do we provide exceptional IT security services to defend your organisation against cyber threats but we offer cybersecurity awareness training for you and your staff. Get in touch today!