Whether you’re running a small business or leading a team within a larger organization, security is likely a concern for you. But is it something you’re fully prepared to address? With the increased frequency of breaches in the last few months, it’s not a bad idea to take a step back and evaluate how your team operates when it comes to security, and optimize some of those practices. To help you get started, we’ve compiled a few ways you can use June’s Internet Safety Month as an opportunity to increase internet safety and security awareness within your organization.
Educate your team
Employees are your weakest link, without a doubt. Each employee is a potential door into the company’s confidential information, and poor security habits can leave that door ajar for hackers. Nearly 30% of companies say employee apathy is a big threat to their company’s security. It’s worth the time and investment to educate your employees about internet safety, reinforce the risks of weak security habits and instill good habits on topics such as password hygiene, downloading content, and sharing information online. Start on their first day with a primer on best practices and be sure to make those practices readily available on the Intranet or elsewhere, so they can easily reference them later.
Don’t click that!
Whether it’s while perusing websites or checking email, employees need to be aware of suspicious activity and links. Email fraud and phishing is another very serious threat, mostly because of how common it is. Prepare employees to look for potential phishing attempts that are designed to steal personal and valuable information. Safeguard your company by understanding the key signs of a fraudulent email and communicating them to employees.
One way to prepare your team for phishing attacks is to send out fake phishing emails. Like a planned fire drill, but for internet security. Create an email with suspicious links and see not only who clicks, but also who reports the suspicious-looking links, to get employees in the right mindset about security.
Manage your devices
We’re all working from home and on the road much more frequently these days, especially with the prevalence of laptops, tablets, and smartphones in the workplace. This means each employee has multiple devices, and therefore even more doors to potential security threats. As a result, IT teams need to be even more diligent with device management and BYOD policies, including encryption, firewalls, VPN requirements, and more.
However, that’s only the IT side of the problem; be sure to instill good practices with your employees. Encourage them to lock their computers before walking away and keep them password-protected and securely stored while traveling, especially while traveling in places like airports or hotels. Also, be sure employees understand not to connect outside devices – like external hard drives or thumb drives – to their work computers because of the risk of malware.
Create password policies
Knowing that two-thirds of people use the same password for multiple, or even all, of their accounts, password management is likely the easiest and quickest way for you to make a positive impact on your organization’s security.
As a business owner or team leader, set up requirements for employees, including mandatory password changes, specific requirements for strong passwords, and two-factor authentication enabled on all systems that house important data. That also means disabling default admin accounts and ensuring that every user within the company has their own account to access systems, so that IT always knows who has access to what, and when they last logged in.
For employees, setup a password security crash course and educate them on what it means to have secure passwords. This means not only creating strong passwords for your accounts, but also not sharing them with co-workers, friends and family. Facilitate a strong password policy by using an Enterprise password manager like LastPass to store passwords, change passwords often, and use unique passwords for multiple accounts. Also, it might sound like a no-brainer, but make sure employees are not using the same passwords for both personal and work accounts.
In light of recent security attacks and with the focus on Internet Safety this month, this is the perfect time to evaluate your organization’s practices when it comes to security, and see where you can make improvements now and also in the long-term.