Cyber Security

Cyber Security Tips for Employees

1 September 2020

Your teammates and staff are at the forefront of keeping business information safe and secure from cyber threats. 

As a company, you may have comprehensive cyber security practices and policies in place, but it’s important to stay on guard and ensure that your business network and data are well protected. 

Out of the many factors responsible for data breaches, an alarming 90% are caused by human error – mostly unsuspecting employees who respond to malicious emails and fall prey to cyber-attacks. While people are your organisation’s most valuable asset, they can at times be your Achilles heel. 

The best way to create cyber awareness is to train and educate your employees on information security and basic cyber security principles. 

At Redpalm, we have compiled a list of top cyber security practices that your employees should know (and follow!)

Let’s take a look!

1. Creating Strong Passwords

It could take only one person’s weak password to put your entire company’s data security on the line. Moreover, business-critical information about clients, suppliers and other stakeholders could potentially be compromised. Despite this, many employees tend to use weak passwords that can be hacked with ease. 

SplashData publishes a list of 100 worst passwords every year and passwords like “1234”, “123456”, “12345678” and “password” regularly top the list.

Ensure that your employees are smarter than their wouldbe hackers. Ideally, passwords should contain at least eight characters with numbers and symbols. This makes them much more difficult to crack. Additionally, ask employees to avoid keeping passwords containing the names or birthdays of their kids or pets.

Encouraging strong password policies is one of the fundamental cyber security practices you can adopt to safeguard your employees’ data.

Tip: In a work environment, there are often several passwords you need to remember. Consider using password management software like Keeper, LastPass or 1Password 

2. Recognising Phishing Scams

Phishing is an online scam where cyber criminals send an email that might appear legitimate, asking employees to divulge sensitive company information.

If your employees fall for it, they can grant access to your company information to the hacker. This is why it’s extremely important to teach your employees how to be aware of such digital threats. 

As your managed services partner, we assist you in training your employees in crucial cyber security practices to protect your network from being compromised.
Here is a list of things your employees need to watch out for:

  • Suspicious Links – If the web address doesn’t match the link sent across as you hover over it, something is definitely not right. Also, keep a lookout for email redirects asking employees for login information. This is one of the most popular ways for hackers to steal login credentials. 
  • Spelling Mistakes and Grammatical Errors – Employees should know that if it doesn’t read right, it’s probably a scam.
  • Unusual Salutations or Greetings – If a contact usually addresses your employees by their first name but suddenly greets them as an ‘important customer’ or a ‘valued client’, they should alert the IT department as this is a potential red flag.
  • Request for Sensitive Information – Employees should know what information is business-critical, meaning it cannot be shared without good reason. If they receive any mail requesting information that’s not to be shared, ask them to call the number in question and conduct a thorough verification of the request. 
  • Implicated Urgency – This scare tactic is commonly used by cyber criminals to throw your employees off and compel them to part with information they wouldn’t under normal circumstances. If someone warns your employee of stopping a service, ask them to get in touch with your in-house tech support without replying to them immediately. 
  • Images that Don’t Look Quite Right – If the layout of an email and the images you’ve received seem “off”, your employees should learn to rely on their gut feeling and know that it’s possibly an attempt to breach your business network. 
  • Non-Standard Attachment – If the file attached in an email is not something your employees can place easily, then it’s reason enough to be suspicious. 

By highlighting the importance of cyber security for individuals, you can prevent your employees from falling victim to phishing schemes and avoid potential repercussions for your business.

3. Using MultiFactor Authentication (MFA)

Having additional layers of security in place will make it more difficult for hackers to breach your business network. This is where your business and your employees can benefit from MFA or multi-factor authentication

MFA uses two or more independent credentials to create security barriers in your data infrastructure which makes hacking into endpoints and networks far more complex. 

With MFA, even if one security factor is broken into or compromised, the other security credentials continue protecting your network. MFA cyber security practices help delay the breach as your systems alert you of a potential cyber attack which you can then prevent from happening. 

It’s important to standardise multifactor authentication across all company platforms and networks to keep cyber attackers at bay as you exponentially increase the security of your IT environment. 

Some examples of MFA are:

  • Swiping a Card
  • Entering a PIN Code
  • Fingerprint Scan
  • Answering a Security Question
  • One-time Password (OTP) Authentication

4. Being Careful with Software Downloads

Many people believe that if software is downloaded from a trustworthy brand, it’s safe for use. This is far from the truth. In actuality, these unverified downloads could come with their fair share of security risks. 

It’s important to know that where you download a program from is as important as the program you download. The internet is full of websites that provide free versions of several popular paid programs. What your employees need to understand is that not all sources where these programs are available are safe and secure. The downloads might be infected with spyware, viruses, trojans, worms or other types of malware.

To minimise the risk of data breach over devices (business, personal and mobile), ensure that you take advantage of our unified endpoint management system for all-around security across platforms and endpoints. 

As your managed IT provider, we run all your organisational downloads through robust spyware and antivirus programs to minimise your risk. 

Additionally, as a part of our business disaster recovery plan, we also help you put together comprehensive download protocols and ensure that your employees understand them. Putting emphasis on effective cyber security practices is an important aspect of creating a culture of cyber security across your organisation. 

5. Not Ignoring Application Updates

While the constant update reminders popping up on your screen might be annoying, they are more important than you give them credit for. Needless to say, your employees shouldn’t ignore these notifications as software updates are crucial in maintaining the security of your applications. 

Cybercriminals know how to take advantage of out-of-date devices. With our end-to-end IT support, we work with you to keep all your devices up-to-date with the latest patches and IT security protocols

Many employees think that application and system updates are unnecessary and, hence optional. This couldn’t be further from the truth. System updates are essential in the line of defence against a variety of cyber attacks and an important part of a robust IT disaster recovery plan!

General Cyber Security Practices That Your Employees Should Adopt

  • Refrain from opening emails from untrustworthy sources.
  • If an offer seems too good to be true, it usually is.
  • When walking away from your workstation, ensure your laptop is locked or closed.
  • Ensure that your malware or antivirus software is up-to-date.
  • When it comes to cyber security, be vigilant.

Keep Your Company Information Secure with Redpalm

Whilst we can all agree that cyber security is crucial to your business operations, it may not be something you have the in-house resources to manage. Educating your employees on safe cyber security practices with regular IT training to stay up to date with recent developments is essential. 

Redpalm can work with you to improve the security of your company’s infrastructure and information

We test the robustness of your business cyber attack recovery plan by conducting simulated digital attacks. This helps us tie the loose ends in your network and make your IT environment far more secure. 

We are an IT support company providing IT solutions across the UK, primarily in Northampton, London and surrounding areas.

To find out more about best cyber security practices, contact us today!

Latest From The Blogs

prevent a data breach, computer devices with code and access denied displayed on screen
Cyber Security

5 Effective Strategies to Prevent a Data Breach

Data breaches occur when any sensitive information is leaked or exposed to the public without authorisation. They can lead to the loss of your organisation’s intellectual property, customer data, or other confidential information.

Read More
cybersecurity metrics, woman next to data projection
Cyber Security

7 Cyber Security Metrics Every Business Should Track

The ever-evolving nature of cyber threats means tracking cyber security metrics is essential for evaluating your company’s cyber security posture and maintaining cyber defences.

Read More
digital privacy, person typing in their login credentials
General

Understanding the Future of Digital Privacy

Technological advancements have reshaped how personal information is collected, shared, and used, and privacy has emerged as one of the biggest challenges in this digital age.

Read More
cyber security certification UK, two males working on a computer in server room
Cyber Security

5 Tips to Secure Your Cyber Essentials Certification in the UK

According to the 2024 Cyber Security Breaches Survey conducted by the UK government, 50% of UK businesses experienced a cyber attack or security breach in 2023.  With a growing frequency of cyber attacks, many businesses have begun to prioritise cyber security and cyber security certification in the UK.

Read More
cyber security strategy, woman and man working on computers
Cyber Security

How to Build a Strong Cyber Security Strategy

According to cyber security stats, cyber attacks have become more prevalent in recent years, not only increasing in number of incidents but also in their level of sophistication. This increase in ransomware, phishing, and other types of cyber attacks has only emphasised the need and importance of a cyber security strategy for businesses across industries.  An effective cyber security strategy helps you protect your digital assets, such as your systems, networks, and data, from unauthorised access and damage. A well-constructed strategy involves procedures, policies and frameworks to help reduce risks, respond to incidents and safeguard sensitive data.  Your cyber security strategy isn’t meant to be perfect; it’s intended to act as a strongly educated guess as to what you need to do to keep your business safe. As your organisation and the world around you evolve, your strategy needs to evolve as well.

Read More
cyber criminal tactics, two individuals hacking into a computer system
Cyber Security

7 Common Cyber Criminal Tactics to Watch Out For

Cyber crimes are attempts by cyber criminals, hackers or other malicious individuals to gain unauthorised access to a computer network or system. These attacks often target a range of victims, from individual users to organisations and even governments, which begs the question, can cyber crime be curbed?

Read More
improve online security, a person using a laptop with visual of security overlaid on top of image
Cyber Security

6 Simple Ways to Boost Your Company’s Online Security

Online security, aka cyber security, involves protecting your business’s sensitive information and critical systems from unauthorised access and theft. With data networks being almost universal, fraudsters are becoming more and more innovative with their scams. Every day, countless cyber criminals scan unsecured or poorly secured networks, looking for an opportune moment to attack.

Read More
phishing email scam, paper email icon on a hook above a laptop
Cyber Security

A Deep Dive Into HR Phishing Email Scams

Have you ever received an email from your HR team that appeared too good to be true? Or perhaps there was something about it that sounded a little off. Beware—you may have narrowly avoided falling into the clutches of an HR phishing email scam.

Read More
technology as a service, engineer in data center
General

The Benefits of Technology as a Service (TaaS) 

Traditionally, IT infrastructure necessitated a server installed on your business premises to allow access to hardware and software applications. If you wanted to scale your data storage and services, you had to purchase additional hardware or invest in expensive upgrades.

Read More
global IT outage, woman looking stress while computers are showing coding errors
General

A Deep Dive Into Microsoft’s CrowdStrike Global IT Outage

As one of the largest IT outages in history, thousands of businesses and institutions around the world were knocked offline. From airports to healthcare institutes to offices and railways, the Microsoft outage has led to widespread disruptions and delays across the world.

Read More