Your teammates and staff are at the forefront of keeping business information safe and secure from cyber threats.
As a company, you may have comprehensive cyber security practices and policies in place, but it’s important to stay on guard and ensure that your business network and data are well protected.
Out of the many factors responsible for data breaches, an alarming 90% are caused by human error – mostly unsuspecting employees who respond to malicious emails and fall prey to cyber-attacks. While people are your organisation’s most valuable asset, they can at times be your Achilles heel.
The best way to create cyber awareness is to train and educate your employees on information security and basic cyber security principles.
At Redpalm, we have compiled a list of top cyber security practices that your employees should know (and follow!).
Let’s take a look!
1. Creating Strong Passwords
It could take only one person’s weak password to put your entire company’s data security on the line. Moreover, business-critical information about clients, suppliers and other stakeholders could potentially be compromised. Despite this, many employees tend to use weak passwords that can be hacked with ease.
SplashData publishes a list of the 100 worst passwords every year, and passwords like “1234”, “123456”, “12345678” and “password” regularly top the list.
Ensure that your employees are smarter than their would-be hackers. Ideally, passwords should contain at least eight characters with numbers and symbols. This makes them much more difficult to crack. Additionally, ask employees to avoid passwords containing the names or birthdays of their kids or pets.
Encouraging strong password policies is one of the fundamental cyber security practices you can adopt to safeguard your employees’ data.
Tip: In a work environment, there are often several passwords you need to remember. Consider using password management software like Keeper, LastPass or 1Password.
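The rules in this section can be enforced on a sign-up or password-change form. The check below is an added example, not Redpalm's code; the function names, the `personal_terms` parameter and the sample inputs are assumptions, and the common-password set holds only the four entries quoted above.

```python
import re
from datetime import date

# Only the four passwords quoted in the article; a real deployment would load
# a full worst-passwords or breached-password list here (assumption).
COMMON = {"1234", "123456", "12345678", "password"}

def _personal_tokens(term):
    """Spellings of a name or birthday that tend to end up inside passwords."""
    if isinstance(term, date):
        d, m, y = f"{term.day:02d}", f"{term.month:02d}", f"{term.year:04d}"
        return {d + m + y, m + d + y, y + m + d, d + m + y[2:], m + d + y[2:], y}
    return {re.sub(r"[^a-z0-9]", "", str(term).lower())} - {""}

def password_problems(password, personal_terms=()):
    """Return the rules from this section that `password` breaks (empty list = passes)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not re.search(r"\d", password):
        problems.append("no number")
    if not re.search(r"[^A-Za-z0-9\s]", password):
        problems.append("no symbol")
    if password.lower() in COMMON:
        problems.append("on the worst-passwords list")
    # Strip separators so "Bella-2015!" is compared as "bella2015".
    squashed = re.sub(r"[^a-z0-9]", "", password.lower())
    if any(tok in squashed for term in personal_terms for tok in _personal_tokens(term)):
        problems.append("contains a name or birthday")
    return problems

if __name__ == "__main__":
    # Constructed sample inputs: a pet's name and a child's date of birth.
    family = ["Bella", date(2015, 4, 12)]
    for pw in ["password", "1234", "Bella-2015!", "t7#Kp!2vQz-m"]:
        print(pw, "->", password_problems(pw, family) or "ok")
```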
2. Recognising Phishing Scams
Phishing is an online scam where cyber criminals send an email that might appear legitimate, asking employees to divulge sensitive company information.
If your employees fall for it, they can grant access to your company information to the hacker. This is why it’s extremely important to teach your employees how to be aware of such digital threats.
As your managed services partner, we assist you in training your employees in crucial cyber security practices to protect your network from being compromised.
Here is a list of things your employees need to watch out for:
- Suspicious Links – If the web address that appears when you hover over a link doesn’t match the link text in the email, something is definitely not right. Also, keep a lookout for email redirects asking employees for login information. This is one of the most popular ways for hackers to steal login credentials.
- Spelling Mistakes and Grammatical Errors – Employees should know that if it doesn’t read right, it’s probably a scam.
- Unusual Salutations or Greetings – If a contact usually addresses your employees by their first name but suddenly greets them as an ‘important customer’ or a ‘valued client’, they should alert the IT department as this is a potential red flag.
- Request for Sensitive Information – Employees should know what information is business-critical, meaning it cannot be shared without good reason. If they receive any mail requesting information that’s not to be shared, ask them to call the number in question and conduct a thorough verification of the request.
- Implied Urgency – This scare tactic is commonly used by cyber criminals to throw your employees off and compel them to part with information they wouldn’t under normal circumstances. If someone warns your employee that a service is about to be stopped, ask them to get in touch with your in-house tech support rather than replying immediately.
- Images that Don’t Look Quite Right – If the layout of an email and the images you’ve received seem “off”, your employees should learn to rely on their gut feeling and know that it’s possibly an attempt to breach your business network.
- Non-Standard Attachment – If the file attached in an email is not something your employees can place easily, then it’s reason enough to be suspicious.
By highlighting the importance of cyber security for individuals, you can prevent your employees from falling victim to phishing schemes and avoid potential repercussions for your business.
3. Using Multi-Factor Authentication (MFA)
Having additional layers of security in place will make it more difficult for hackers to breach your business network. This is where your business and your employees can benefit from MFA or multi-factor authentication.
MFA uses two or more independent credentials to create security barriers in your data infrastructure, which makes hacking into endpoints and networks far more complex.
With MFA, even if one security factor is broken into or compromised, the other security credentials continue protecting your network. MFA also helps delay a breach: your systems alert you to a potential cyber attack, which you can then prevent from happening.
It’s important to standardise multi-factor authentication across all company platforms and networks to keep cyber attackers at bay as you exponentially increase the security of your IT environment.
Some examples of MFA are:
- Swiping a Card
- Entering a PIN Code
- Fingerprint Scan
- Answering a Security Question
- One-time Password (OTP) Authentication
4. Being Careful with Software Downloads
Many people believe that if software comes from a trustworthy brand, it’s safe to use. This is far from the truth: unverified downloads can come with their fair share of security risks.
It’s important to know that where you download a program from is as important as the program you download. The internet is full of websites that provide free versions of several popular paid programs. What your employees need to understand is that not all sources where these programs are available are safe and secure. The downloads might be infected with spyware, viruses, trojans, worms or other types of malware.
To minimise the risk of data breach over devices (business, personal and mobile), ensure that you take advantage of our unified endpoint management system for all-around security across platforms and endpoints.
As your managed IT provider, we run all your organisational downloads through robust spyware and antivirus programs to minimise your risk.
Additionally, as a part of our business disaster recovery plan, we also help you put together comprehensive download protocols and ensure that your employees understand them. Putting emphasis on effective cyber security practices is an important aspect of creating a culture of cyber security across your organisation.
5. Not Ignoring Application Updates
While the constant update reminders popping up on your screen might be annoying, they are more important than you give them credit for. Needless to say, your employees shouldn’t ignore these notifications as software updates are crucial in maintaining the security of your applications.
Cybercriminals know how to take advantage of out-of-date devices. With our end-to-end IT support, we work with you to keep all your devices up-to-date with the latest patches and IT security protocols.
Many employees think that application and system updates are unnecessary and, hence, optional. This couldn’t be further from the truth. System updates are essential in the line of defence against a variety of cyber attacks and an important part of a robust IT disaster recovery plan!
General Cyber Security Practices That Your Employees Should Adopt
- Refrain from opening emails from untrustworthy sources.
- If an offer seems too good to be true, it usually is.
- When walking away from your workstation, ensure your laptop is locked or closed.
- Ensure that your malware or antivirus software is up-to-date.
- When it comes to cyber security, be vigilant.
Keep Your Company Information Secure with Redpalm
Whilst we can all agree that cyber security is crucial to your business operations, it may not be something you have the in-house resources to manage. Educating your employees on safe cyber security practices with regular IT training to stay up to date with recent developments is essential.
Redpalm can work with you to improve the security of your company’s infrastructure and information.
We test the robustness of your business cyber attack recovery plan by conducting simulated digital attacks. This helps us tie up the loose ends in your network and make your IT environment far more secure.
We are an IT support company providing IT solutions across the UK, primarily in Northampton, London and surrounding areas.
To find out more about best cyber security practices, contact us today!