Employees are a big weakness in any information security plan. These 6 tips will make your security stronger.
The biggest security hole in any business isn’t the network or your computer assets or the various programs you operate on.
The biggest security threat to any business is the people that work there.
Because people do stupid things. And when they do stupid things with company information (like leaving a laptop in the backseat of a car with customer information), your company is at risk of a data breach.
That’s why when it comes to cybersecurity, paying attention only to the IT side of things isn’t good enough (though that’s essential, of course).
You need to train your users.
Here are a few tips to help you get started on training employees on information security.
No one likes to be told “just because.” One of the most under-appreciated tips when it comes to security training is to explain why things need to be done a certain way.
Research backs this up. A university study, Technology Use: Conceptual and Operational Definitions, showed that explaining why when training about phishing attacks led to fewer clicks on phishing emails.
Create and follow a security policy. A report from SolarWinds, Cybersecurity: Can Overconfidence Lead to an Extinction Event?, reveals that only 32% of companies enforce and regularly check their security policy. That means 68% of companies are playing fast and loose with their security policy—is that you?
Regularly train users on security threats and how to avoid them. As phishing emails become more personalized, everyone in your office needs to stay up-to-date on these increasingly sophisticated social engineering attacks.
Do employees keep passwords on sticky notes attached to their monitors or in desk drawers? If anyone gains access to your offices, exposed passwords can lead to a data breach. Enforce clean desks and secure password storage.
As nearly everything connects to the Internet today, make sure you change the default password on any device or software that connects to your network.
Require users to change their passwords every few months. Ensure passwords aren’t simple sequences like “123456” or based on pet names, anniversaries, or other easily guessed information.
Following these six tips will improve your cybersecurity efforts.
Want even more tips? We’ve put together a free eBook with everything you need to know to keep your data safe, The Essential Cybersecurity Toolkit for SMBs. It covers common social engineering scams, must-have cybersecurity tools, and includes a practical checklist.
Download your free copy by clicking the button below. You’ll be thankful you did.
Four scenarios you might face: 1. Day-to-day IT maintenance is dragging you down. Are you running around just trying to…
5 Cybersecurity Tips Amid the Work From Home Tidal Wave: 1. Begin with the basics. Everything you already likely know,…
Why These Social Engineering Scams Work—And Why You Need to Know About Them. Social engineering attacks work because they feels…
From stability to strategy, ActaMSP delivers clarity and action where it matters most.
