Signing out of account, Standby…
Just because you know cybersecurity, doesn’t mean your employees do.
In today’s digitally connected world, your team has the unprecedented ability to quickly get the tools and information they need to streamline their work. But with all of that accessibility comes new risks to your cybersecurity. Malicious individuals are eager to gain access to the confidential information housed in your company’s networks — and your employees can be an all-too-easy target.
Case in point: research from Stanford University and Tessian reveals that 88 percent of business data breaches are caused by employee mistakes.
Without sound cybersecurity training, your employees are likely going to continue making mistakes that have the potential to compromise your data — and your clients’. Understanding what they are doing wrong and setting things right is essential.
Phishing scams are perhaps the most widely known example of how employees can compromise your network. These occur when an employee receives what seems to be a legitimate email asking them to click on a link or to provide certain information.
Unfortunately, simply clicking on a link could be enough to bring malware into your network. Employees must receive training to understand what these emails look like so they can send them to the spam folder where they belong.
As Steven Price notes in a blog post for Tech Rockstars, “The challenge is that phishing emails have gotten harder to spot. Scammers can spoof legitimate web addresses. They can make fake emails look like the real deal. But there are still plenty of minor details that indicate the e-mail is a fake. […] Training helps employees identify red flags.”
Continues Price, “But more than that, it helps them identify changing red flags. For instance, a phishing email from 2010 looks nothing like a phishing email from 2020. Scammers stay ahead of the curve. They know the trends, and they know how to adapt. Your employees also need to know the trends and need to be ready to adapt.”
Related: 5 Types of Employees Often Targeted By Phishing Attacks
The rise of remote work has certainly benefitted employees and businesses by offering increased flexibility and reduced overhead. Unfortunately, the networks they use to access the internet may not be as secure as what you have in place in your office.
When an employee uses an unsecured wi-fi network (such as at a coffee shop or airport), hackers can easily intercept login information and other sensitive data that is transmitted via this connection. This includes emails, instant messages, bank account data — anything that the employee accesses while using this network.
Businesses must ensure that their own networks are fully secured, and provide strict instructions to employees regarding which networks they connect to for their work-related activities.
Most companies use a broad range of cloud computing tools, such as CRM software or logistics tracking. Most also use programs for word processing, accounting and other vital activities. Even for programs that don’t seem to depend too much on the internet, ensuring that all software is fully up to date is crucial for preventing security breaches.
The reason behind many software updates is to address new security vulnerabilities that have been discovered. Failure to update software can leave loopholes that hackers can use to access the information being stored by your business. Similar issues can also result from using outdated hardware. Eventually, the hardware manufacturer will stop pushing updates for old equipment, leaving it vulnerable to security threats.
Ensure that your network administrator is keeping all software up to date. Remember that the cost of replacing old hardware will ultimately be much less than if you were to suffer a data breach.
Related: 5 Essential Considerations You Need to Make Before Investing in New Technology
Easy-to-guess passwords (like “password” or “123456”) are never a good idea — especially if your employees are using the same passwords for their work and private accounts.
As Clifford Colby and Sharon Profis explain in an article for CNET, “It’s worth repeating that reusing passwords across different accounts is a terrible idea. If someone uncovers your reused password for one account, they have the key to every other account you use that password for. The same goes for modifying a root password that changes with the addition of a prefix or suffix. For example, PasswordOne, PasswordTwo (both bad for multiple reasons). By picking a unique password for each account, hackers that crack into one account can’t use it to get access to all the rest.”
Strong passwords use a mix of upper and lower case letters, numbers and special symbols. They should avoid using common words or phrases, as well as personal information that someone else might know.
A random combination of characters can be quite effective, even though your employee might need to write it down somewhere safe to remember it. Requiring strong passwords for business accounts and implementing two-factor authentication will help prevent easy breaches.
Surveys indicate that 43 percent of workers don’t receive regular cybersecurity training — and an additional eight percent have never been trained. This poses a major risk to your business, especially as phishing and other cybersecurity threats are becoming more prevalent and more sophisticated.
By ensuring that your employees know what to do — and what not to do — online, you can have greater confidence that their actions aren’t putting your business at risk.
Exclusive: Tom Brady Appoints Lowe’s Executive as the New CEO of His Wellness Company TB12
The Richest Person on Earth Breaks Every Rule, and You Should Too
Food Network Star Geoffrey Zakarian Distills the Entire Hospitality Industry Down Into Just 48 Words
Overcome the 5 Common Obstacles Keeping You From Full-Time Entrepreneurship
How This First-Generation American Founder Is Taking on Fast-Food Giants
Want to Improve Your Creativity and Focus? Try Eating Chocolate for Breakfast
How the Creator of Dugout Mugs Hit a $30 Million Home Run With a Business He Started in His Apartment
Copyright © 2022 Entrepreneur Media, Inc. All rights reserved.
Entrepreneur® and its related marks are registered trademarks of Entrepreneur Media Inc.
Successfully copied link