The 8 cybersecurity basics all your employees need to know
Although many cyberthreats come from hackers trying to access your business data, employees are responsible for data breaches more than 50% of the time. It’s usually accidental, according to industry research.
Whether it’s using weak passwords, clicking on links too quickly or leaving screens unlocked, employees very often underestimate cybersecurity concerns. Here are 8 basic steps your employees can follow right now to improve company cybersecurity.
Lock devices and computer screens
Whether an employee leaves their desk for a minute or an hour, they should always lock their computers. They should also physically lock laptops when they’re not in use. Locking devices prevents anyone else from accessing an employee’s resources or their account without their knowledge. This is a really simple step that every employee can practice immediately.
Passwords are great as long as they’re effective. Ensure employees use complex, hard-to-guess passwords with a mixture of characters, numbers, and letters. Employees should know never to reveal their password, and they should change their password if they suspect anyone knows it. Overall, passwords should be kept hidden – employees shouldn’t store login credentials anywhere obvious.
Scan portable media before using it
Before any employee connects portable media devices, such as USB or external hard drives, to their computer, they should be scanned for malware and similar viruses by a trusted virus protection tool on your machine. Otherwise, it’s easy to accidentally install malware on a work-based machine that can spread to your entire system or network.
Avoid public Wi-Fi
Viruses and malicious programs can move between devices connected to the same network. Using a public Wi-Fi service in hotels, cafes or restaurants puts the user, their data, and their hardware at risk. Employees should only ever access company resources or data from a secure network. Public and unsecured Wi-Fi is relatively easy for your employees to avoid, especially if they have secure mobile hotspot or VPN access available.
Employees are at risk of accidentally revealing company information externally. Advise employees to never share potentially sensitive company information over the telephone, online, or through emails. In addition, they should never take photos that include confidential information – for example, an office “selfie” with an unlocked computer in the background.
Avoid unknown links, popups, and downloads
Employees should avoid visiting links or opening attachments they’re unsure of. Even with internal sharing of a URL or a download, the recipient should always confirm that the link or file is genuine and safe before taking action. Many browsers and antivirus or anti-malware tools work in the background to scan links and attachments if you have them set up correctly.
Employees can be more responsible if they understand the potential damage of downloading unfamiliar files or even unauthorized programs onto your business computers. It’s easy for hackers to “spoof” email addresses or domain names to make a message, download or link appear genuine. So, employees should remain alert and use caution with online messages and information. For example, if an unfamiliar email contains a website link, it’s a good idea to right-click the link to see the actual email sender address or destination or to simply search for or manually type in the correct address instead of clicking the email link.
Report lost or stolen devices immediately
An IT specialist can wipe a lost or stolen device quickly. This prevents potentially sensitive data falling into the wrong hands. It’s important that employees report misplaced or stolen devices without delay. Even if the device turns up again, it’s better to be safe than risk compromising company or customer data.
Report concerns or problems to IT
Employees should approach their IT specialist or team with any concerns, however small. It’s also important to report mistakes, such as clicking on a bad link or using a USB without scanning it first, so that IT can check your system and related resources for issues.
There’s no problem too small to discuss with IT – it’s always better to be overly cautious than careless where security is concerned.
For more information on how PRO OnCall Technologies can help keep your business data safe and reduce cybersecurity risks, contact us today.