July 12, 2017 - While a lot of breaches in cyber security might come from outside, those that come from within can be even more dangerous. Although your employees might not wish to deliberately cause a breach, it’s altogether feasible that they could do so by accident. Here are 7 cyber security practices to include in your training.
Password best practices
Make sure that your employers are aware of the best practices when it comes to passwords. These are choosing a strong password combining letters and numbers, and making it as random as possible; changing the password regularly; never writing it down or telling anyone else what it is; never letting another individual use your login; and using different passwords for different systems. This will help to ensure fewer password leaks – and will help to limit damage if one is leaked.
Make sure that your employees know to update programmes and software as soon as an update becomes available. Updates are key to maintaining security, as patches contain fixes to common attacks as and when they become known. The best policy you can have is to give your IT department the power to update all computers remotely. If you can’t do this, make it clear that updates should be done as soon as they are offered.
Out of office usage
If your employees take their work laptops home, or can access work systems such as email on their phones, you need to make your usage policy very clear. Employees should never access work files or programmes while on a public Wi-Fi network. They should also avoid using Bluetooth on any device which is capable of accessing work-related things. This is key to keeping hackers out of your system, as they will always go for the weakest point of entry.
Again, your employees should also be taught never to let anyone else use their devices that are used for work. While it may make sense that an employee takes their work laptop home and allows their kids to play games on it, it should be done in a more careful way. Set up a new profile on the same computer so that the kids have no access whatsoever to the company network. If they happen to make a mistake or click on the wrong thing, the network will still be in the clear.
Make sure that your employees are aware of security when it comes to their devices. Laptops, tablets, and smartphones are key targets for thieves. If they allow their work devices to be stolen or compromised, it could mean big trouble for the company. Brief them fully on how to keep their devices safe, and remind them that the items are their responsibility while they are not in the workplace.
Have a company-wide policy which enforces back-ups of all of your network files and programmes. This should be done on a regular basis to ensure that as much data is backed up at all times as possible. If a breach happens and data is lost, you don’t want to have lost it forever. Imagine how far back an attack like that could set projects and company procedures. Be sure to enforce mandatory back-ups at least once a month, if not once a week.
Finally, ensure that your employees know that the workplace and work devices are to be used for work only. They should not be pursuing personal interests on the internet. Anyone that does invites a security breach.
With these practices in place in your employee training, your company’s data will be all the safer.
About the Guest Author