The biggest block to protecting your company’s data is employee ignorance about cybersecurity. In fact, your employees are probably compromising your data right now and aren’t even aware of it.
In case you haven’t read the reports, a statement from one of the many companies recently forced to close its doors following a cyber-attack involving one of their own employees brings the point home:
“Code Spaces will not be able to operate beyond this point. The cost of resolving this issue and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility.
”Root cause of the disaster? Very likely a phishing attack that one of their own team members unwittingly played a key role in. If you want even a ghost of a chance that your data remains safe and secure, you MUST be aware of the five ways your employees are probably putting your company at risk right now:
Risky Passcode Practices
A good rule of thumb is, if you can recall a password, it’s probably not safe. Require the use of a random password generator to keep weak passcodes from being the weak link in your data’s defenses. Invest in a company-wide password protection system. And wherever possible, use two-factor authentication for logins to critical sites.
Working Outside A Secured Network
It’s great that your team loves to collaborate. Just make sure it’s done in a secure network. E-mail-sharing and file-sharing over a non-secured network can lead to leaks. Train your team to share sensitive messages
only within a secure company network. Even better, invest in encryption and collaboration tools that keep your data extra-safe while in transit. After all, great teams need to collaborate. Just make sure it’s getting done without putting your data at risk.
E-mail Naïveté
Most people are aware by now that clicking on unknown links in an e-mail can lead to trouble. Yet clever hackers are sending ever more appealing e-mails that trick the unwary into clicking. Insist that no attachments from unknown sources are to be opened. And require that users on your network look up unknown links before blindly clicking on them.
Unattended Devices
Walking away from an open laptop in a coffee shop is a recipe for disaster. Yet even at the office, stepping away from a workstation can expose sensitive data to snoops. Insist that wherever your team works, they maintain complete visual control over any screen showing confidential company data.
Malicious Acts
You may find it hard to believe, but employees leaking critical data on purpose happens all the time. It may be for a personal venture –or a personal vendetta against your company. Regardless of the cause, it’s always a risk. And you may not see it coming. Safeguard all data coming into or going out from your company. And always change access codes whenever someone leaves your employ –willingly or unwillingly.
So…how can you protect your business from employee error?
The thing about cyber security is that it’s a lot more complicated than most people are willing to admit. Today’s digital landscape is fraught with hazards, a thousand little mistakes to be made at every step, resulting in a million workarounds for cyber criminals to use. Even the most tech-savvy among us probably don’t know everything about cyber security, and very few have as much knowledge as the hackers on the other end of the equation. When you consider the uncertainty and potential miseducation of your employees, many of whom probably know next to nothing about cyber security, you might start to feel a little panicked.
The battle against digital threats can seem like an endless slog – a war that the good guys seem to be losing – but luckily, when it comes to the security of your business, there are ways to batten down the hatches without dropping a ton of cash. For instance, start with your biggest vulnerability: your team. When a new employee joins your organization, they should go through a thorough cyber security training. Their welcome forms should include comprehensive rules about security policies, from using strong passwords to how they should respond to potential phishing attempts. Deviating from these policies should come with serious consequences.
As for your existing employees, train them up! We can help you build a robust education program to get every single member of your organization up to speed on the most imminent cyber security threats. But even then, cyber security isn’t a one-and-done kind of thing; it requires constant vigilance, regular updates on the latest trends and a consistent overall commitment to protecting your livelihood. Without training and follow-up, even the most powerful of cyber security barriers are basically tissue paper, so put some thought into your team in addition to your protections, and you can drastically increase the safety of the business you’ve worked so hard to build.
Don’t Fight This Battle Alone
Protecting company data in today’s fluid and fast-changing business environment is tough work. If you don’t have a robust protection plan in place, your critical data IS at risk. Get started with our guide to securing your digital landscape “Bringing Shadow IT Into the Light.” Download it here.