While investing a lot of resources into securing your perimeter and defending from outside threats, it’s easy to overlook threats that are closer to home — your employees. Cybercriminals look for the easiest way into the network. Frequently, that weakest link is your workforce.
Technology is only one part of a strong cybersecurity strategy. The other important component is the human aspect.
As you welcome the New Year with new goals for your organization, make employee cyber education a priority. It’s the only way to turn your workforce from being the weakest link to being the first line of defense against attackers.
Even commonplace actions like accepting friend requests from strangers or clicking on links on social media can put your enterprise at risk. Hackers exploit any social-engineering opportunity that can lead to stealing credentials or infecting a computer with malware. Many of the precautions your employees can take are simple yet effective.
Good Cyber Hygiene Habits To Foster In Employees
It’s important to talk to your employees regularly about cybersecurity and their role in protecting the company. Help them understand best practices for cyber hygiene and give them opportunities for hands-on training and for asking questions.
Here are some good habits to help employees develop:
- Pay attention to social engineering activities: Be aware of suspicious links from unknown sources like online ads, social media, blogs and emails. Also beware of phone calls from people posing as co-workers and asking about company operations.
- Follow strong password practices: Use separate passwords for personal and work accounts. Having separate passwords for each account — especially for critical accounts — will minimize the chances that a hacker will get access. Use two-factor authentication whenever it’s offered.
- Protect credentials: Bad actors’ tactics continue to evolve as users become more educated and wary. Even legit-looking emails to share documents via a popular cloud app like Dropbox or Google Docs could contain a malicious link. When in doubt about a source, delete.
- Back up regularly: Back up automatically or follow IT procedures to enable business-as-usual even in the event of a breach.
- Be alert: Be watchful not only for suspicious online activities but also for strange computer behavior such as inexplicable slowdowns. This can be a sign of a malware program running in the background. Notify IT when you detect something unusual or receive a suspicious email.
- Keep a clean machine: IT managers have a good reason for disallowing certain programs on company computers. Don’t download apps that are not authorized — outside software can result in a network vulnerability.
- Follow BYOD rules: If the company allows personal devices to connect to the network, follow the policies. This could mean giving IT certain controls, like the ability to wipe an infected device remotely.
Some final notes: Good cyber hygiene practices start with your company and leadership. Keep your communications and awareness programs timely and relevant to employees and their daily lives. And most of all, ensure your workforce has the right tools and knowledge to fight back against threats.
NCA can deliver the technical expertise and technology benefits you need to reinforce the strength of your cybersecurity-aware workforce. Contact us.
Network Computing Architects, Inc. is a premier provider of high-quality, sustainable and secure networking, information security solutions and unified communications. We partner with our clients to provide answers to business initiatives where leading technologies converge.
NCA achieved ISO 27001:2005 certification in December 2007 and is currently ISO 27001:2013 certified. The scope of NCA's ISMS is client confidential information within NCA Professional Services Practice.