By Karen Mesoznik, Perimeter 81
90% of Americans are using their personal devices for work, risking their workplace by accidentally opening access to their company data. Keeping your company and employees safe from cyber-attacks can be done by just following these 5 simple rules.
Today, it’s become even more complicated for companies to prevent cybersecurity breaches. That’s why businesses must understand that each employee, intern, and manager all play equal roles in protecting your private business data. A few examples worth mentioning include the Equifax breach which compromised the identity of millions of users and the Yahoo breach that affected essentially every single user of the service.
Here are 5 easy ways you can mitigate these risks and start protecting your employees both online and in the office.
With 90 percent of Americans using their personal devices for work, employees are constantly at risk of accidentally opening access to company data. For example, if an employee connects to unsecured Public Wi-Fi, their device immediately becomes susceptible to bad actors.
By reminding your employees of proper security practices and encouraging safe cyber hygiene, you can alleviate some of the risks associated with online browsing and remote connections to the network.
The single most important way to keep your employees safe online is to educate them about cybersecurity. This requires more than just a single briefing, but instead, regular reminders of the real dangers of cybercrime and the frequency of attacks on businesses. A simple “I have read and understood the terms and conditions” document isn’t enough.
Employee training during the onboarding process is essential for protecting your business’s private data. You can test out Cyveillance which offers safety awareness computer-based training for your employees regardless of how large or small your business is. The company claims to successfully reduce the number of employees who click on malicious links by 50% after completing their training.
Employees also include top management and staff positions. In fact, top managers are often popular targets due to their advanced access to sensitive information stored on servers. Additionally, higher positions often travel more frequently, conducting business on unsecured Wi-Fi networks and exposing their confidential data in plain text without encryption.
Often, employees receive emails or other communication asking for sensitive information. These types of phishing attacks allow cybercriminals to request users to “log in”, allowing them to capture usernames, passwords, and other personal information.
These same techniques can also be used to infect company computers with botnets, viruses, and Trojans. Sage Singleton, safety expert for SafeWise, details, “Many malware scams happen from within and are accidentally caused by employees. Hold quarterly security seminars and continually remind employees to never open suspicious links that could cause malware. If an employee is emailed by someone asking for private information (like W2s, employee files, etc…) have that employee reach out to the HR department immediately. Employees should never give out personal information to anyone. Let HR handle that.”
The expectations for secure passwords have undoubtedly increased in recent years. Using common and frequent passwords has enabled hackers to access millions of accounts annually. Follow these guidelines to ensure safer, more secure passwords for your accounts:
As your employee privacy is vitally important, the information obtained from your customers is equally sensitive. To ensure customer privacy, employees should store, protect and destroy information regarding customer names, addresses, email addresses, telephone numbers, personal opinions, or credit card information.
“Unfortunately, 64 percent of small businesses are victims of internal employee theft. As such, it’s essential to perform routine safety checks to make sure your business is protected. Update inventory regularly, change passwords frequently, distribute the workload evenly, and check-in with employees frequently to ensure your business is secured from the inside out,” says Singleton.
Security software such as anti-viruses, anti-spyware, anti-spam filters, and firewalls all help keep your corporate data safe. However, these traditional security frameworks are outdated in our current digital world. To mitigate the cyber risks that businesses face today, it is important to invest in an extra layer of security, including: