When the World Economic Forum deems cyber attacks to be one of the top global risks, it’s clear safeguarding your cyberspace isn’t a requirement. It’s a necessity.
Keeping your business safe in a digital world means putting preventative measures in place, and one of the easiest entry points for hackers can be your company’s staff. As such, cybersecurity in the workplace really does begin at home; if your employees can prevent a cyber-attack in their personal lives, it will reap rewards for your business.
So, what should you communicate with your staff about cybersecurity?
1. Privacy settings
We share a lot of data about ourselves online- whether it’s our birth date, holiday photos or new job appointments. Unfortunately, sharing this information poses numerous privacy risks, and social media is the first place your staff should begin protecting themselves. Posting where people work (for instance) could provide a potential loophole for phishing scams. So, it's important to show staff where to find the “privacy settings” under the menu options. Enabling these settings ensures fewer people, such as only close friends and family members, see the information.
Take your Privacy Checkup to review the data Google is allowed to use
2. Suspicious emails
Most of us are familiar with junk mail, and we should all know how to activate spam filters. But fewer are aware of the dangers of sophisticated phishing emails. Instructing your users to scrutinize their professional emails in the same way as their personal ones will keep your business safe. That means checking sender names against addresses, looking for obvious grammatical errors, being suspicious of requests for urgent action, and being wary about clicking links or responding to requests for information.
Does a link look a little suspicious to you? Here's how to tell
3. Secure browsing
Ensuring users know to check for regular device and browser updates is crucial since the latest patches are normally rolled out to fix any vulnerabilities. It’s also important that both personal and professional antivirus software and operating systems are up-to-date. If users conduct work from home, they should do so over a secure, encrypted connection. Users should avoid saving login details, and when making transactions, to look for certain identifiers, such as the https:// and green padlock symbol which means a site has an SSL certificate.
Most websites do their best to ensure information is as secure as possible, but some malware programs have been developed to infect and attack a computer while a user is browsing the internet.
4. Sophisticated passwords
Users should know what makes a strong password – one made of letters, numbers, symbols. Make sure the password doesn't form a recognizable word and should be changed regularly. In the US, the average internet user has around 130 different passwords. [don't think of passwords as passwords, think of them as passphrases].
Random passphrases actually provide the best combination of security. Here are a few examples of strong passphrases:
5. Safe downloading
Although reputable manufacturers develop some of the available apps we use on our personal devices, most of them have been created by third parties. The problem lies in the amount of information these applications can access from a device but also the potential loophole they present to hackers if their security isn’t completely robust or updated. Users need to pay due diligence when downloading programs or apps that come from suspicious sites or sources, particularly if using their work device at home or if you implement a BYOD policy in the workplace.
Cybersecurity is imperative in the 21st century, and antivirus software and firewalls can only do so much. Your staff are one of your biggest vulnerabilities, so training them can help protect your business. To find out more about our IT solutions, speak to us at Appsonnet today