Data breaches are every systems administrators’ worst nightmare. They are relentless and can topple even the largest organisations. Typically, outside threats are the first we hear of in the news, however many sources point to the same cause for sensitive company information falling into the wrong hands, namely: employees. Is cybersecurity awareness training the missing component?
Managing Insider Risk through Training & Culture Graph shows that more than half of all businesses suffer from employee-related data breaches
Why these cybersecurity awareness training tips are a must
Most businesses operate with limited IT resources making them vulnerable to cybersecurity threats. In this blog, we’ll share nine data breach and cybersecurity awareness training tips to help you create a more secure business.
1. Protect your passwords
Password complexity is often the bane of every user forced to create a set of new credentials. The result: less sophisticated choices like “password1” and “qwerty1” become the only security measure against illegal access to sensitive company data.
When it comes to cybersecurity awareness training, there are smarter ways of managing credentials and enhancing security levels for user access, such as the use of a password manager.
Password managers can store multiple passwords and usernames, which is useful if you access more than a handful of personal and business online and offline accounts daily.
Most password managers also come with Two-factor authentication capabilities, making it more challenging for unwanted users to access sensitive information.
2. Use secure networks
Remote working is becoming the next phase in the evolution of the workplace but comes with a fair amount of risk. As more applications move to the cloud, free Wi-Fi has become an attractive solution for traveling employees.
Due to their commonly weak security measures, free Wi-Fi spots are often easy targets for hackers. Protect your staff and business with 3G, 4G and LTE connections from your local telecom provider as they have more secure networks.
3. Monitor device access
It’s common for spouses and children to want to use work computers for internet browsing and social media. While there may not be any malicious intent, access to your work files means they can be deleted by mistake.
If your laptop is used by any family members, create a guest account on your computer. Guest accounts have limited user rights and zero access to sensitive work files.
4. Minimise the risk of theft
Mobile devices, including laptops and smartphones, are very often the target of thieves, not only because they want to resell the device but also because they know the data on those devices can be far more valuable.
While protection against theft shouldn’t need explanation, here are a few tips worth sharing:
- When using public spaces like coffee shops in shopping malls, never leave your laptop unattended – no matter how convincing the staff are that their environment is secure
- Place mobile devices and laptops in a hard-to-see place if left in vehicles
- Insure your computers in the event of theft
5. Use data encryption
While keeping your computer and mobile device/s safe is ideal, it may not be enough. Data encryption allows you to take data security to the next level by protecting all the contents of your computer with strong encryption. This way, your stolen laptop becomes nothing more than a large paperweight.
6. Complete regular scheduled backups
Backups are the last resort when data is lost or compromised, yet few employees perform regular backups.
To solve this problem, it’s recommend that Backups be scheduled to occur automatically and daily. Daily backups consume less bandwidth for data upload as the sum of all new data produced in a day is smaller than that of a week.
When it comes to mitigating the risk of backup failures, create a two-pronged approach: send your data into a secure cloud location as well as a local location like a portable hard drive.
7. Software installations
Employees often make requests to have non-work-related applications installed on their computers. As a rule of thumb, try and limit the installation of any of these applications as they introduce risk and can compromise your network.
8. Always allow operating system and anti-virus updates
Operating system updates can be painful. They decrease processing power making computers sluggish and unusable, but they’re important. Recently, we’ve seen malware attacks which could have been prevented by installing the latest operating system patches.
Ensure that all security updates are completed on your computer. By default, most operating systems set updates to take place during your inactive hours (after 5pm and before 9am), however that window can be adjusted to suite your work schedule.
9. Practice good cybersecurity habits
Most adults have experienced some form of phishing attack, but few are aware of the fact. What’s scarier is that phishing and hacking attacks are more sophisticated than most people know.
Growing threats like Business Email Compromise (BEC), where scammers target companies by spoofing email accounts of the users who complete financial transactions, are becoming expensive for business. In 2016, the estimated global average loss for BEC was $140,000.
Unlike phishing attacks, where suspicious links can be avoided, BEC scams don’t include links or harmful attachments.
Here are some good cybersecurity habits to develop:
- Ensure anti-virus software is updated. Should a malware attack from an email attachment appear in your inbox, your updated anti-virus software should be able to catch it.
- Beware of links in emails from financial institutions on any organisation sending email requests to update your user credentials, they could lead to fake websites trying to steal your username and password
- Stay away from unsafe websites. Browsers like Chrome and Firefox prevent the access of known malware and non-SSL secured websites. Heed those warnings to protect your computer from compromise.
- Avoid USB flash drives, as they are the easiest way to infect a computer with a virus. Malicious programs are hard to stop once a flash drive is physically connected to the computer.
Protecting your computer from cybersecurity threats may seem like a full-time job, but most of the work involved can be limited to a set of daily habits that anyone can form. By using these and other security tips, you’ll contribute to creating a safer workplace.
Protect end-users and your business with Strong SSL Encryption on your website
TrustTheSite.com is a platinum reseller of VeriSign, Thawte, GeoTrust, Comodo, RapidSSL and Digicert SSL certificates. We offer the best pricing backed by personalised client support.
Call us on +27 23 004 0196 for a free no obligation discussion about your business needs and we’ll help you find the right certificate for your brand.