Security is understandably one of the major concerns for most modern companies, not only due to the data that is being kept on your computers, but all outgoing communication as well. While it is extremely important not to hinder your everyday operations by increased security, there must be a balance between too little and too much.
Naturally, risky behavior can expose weaknesses in your cyber-security, and your employees are the main vector of breaches. Educating your workforce is essential, and some of the behaviors that mostly endanger your security include the following.
you allow your employees to bring their own laptops to work, then it must mean that you have a way for them to connect to the internet. But, a new computer might bring all kinds of dangers with it, from malware, spyware and other kinds of –ware, you are never sure what to do. It is well known that Windows operated computers are much more susceptible to all kinds of attacks, so it is important to make sure that, if your workers bring their own equipment, they use updated antivirus software from major companies like ESET or Kaspersky.
This will minimize any impact on your network; you will just have to hope that security programs on your own computers are updated and able to prevent further spreading of malicious content.
Around 5% of U.S. employees have access to adult content on their company computers. While this might seem like a guilty pleasure that isn’t hurting anyone, you are wrong. It is probably the most dangerous behavior, because while the most popular porn sites can be trusted, some of them are a lair of malware, especially those that require you to download content.
Adult content is not the only one to blame. Downloading torrents and so-called cracked programs and ripped movies is also an excellent place to download unchecked files that can endanger your security. While a good piece of security software will catch most of those, it would be best to completely block this kind of traffic, and to work on installing firewalls for both outgoing and incoming traffic.
Mobile Phones Connected to Wi-Fi
The same thing goes for mobile phones, as well as personal computers. If your company hosts an open Wi-Fi connection, make sure that it is not connected to your other computers. Mobile phones are becoming the greatest generators of internet traffic in the world, simply because they are always accessible and make sending and receiving so much content way easier than before. It would be best for your office not to even have an open Wi-Fi network, or if you require it for wireless access, then it should have passwords that change regularly, like once a week, or even more frequently; you also need a channel of sharing that password safely to all your employees.
This is the most devious way an attacker can fool even a well-intentioned employee and cause great harm to your company – all that, with a simple click on a link. While most email engines are good at reducing unsolicited emails, it still presents one of the major threats. The internet is full of scams that are available on all levels, and while emails must be the most famous, phishing can happen anywhere, most importantly, on social media. If people use the same passwords for their work, as well as private accounts, a simple breach in LinkedIn can expose the same password that someone uses on their work email.
Social media are difficult for companies to even monitor, and not to mention secure. The most common approach is to totally ban social media from your work space, but what if that is not possible? Some companies use social media to constantly measure customer engagement, but there, even a simple link can present danger to your internal data. What is more important, social media can reduce the productivity of your employees as it can quickly eat away the time that should be spent on doing something else.
Almost no software security solution can reduce the number of threats to zero, but can effectively minimize it. The most important approach is education, either by you, or by certified cyber-security experts that can present most of the common problems and solutions. Your employees need to understand the risks of certain behavior and to avoid them. Simply banning something is not a solution; it’s the same way you would approach a child, education is the way to go, at least in the long run.