By Tammy Shaw
Cyber security isn’t just a buzzword, it’s a reality for individuals and organizations across the planet, especially when employees bring their own devices to work (BYOD) and with gig workers who connect to your system.
That and other internal priorities may open up your organization to hackers.
Cloud systems tout their safety, but security of organization, employee and customer data is too important to take chances.
However, cloud systems do not protect your desktop computers or any computer on your network. Adding a cloud to your existing network doubles (or more) your risk of cyber threat since two systems are in operation with the same data.
The first line of defense
HR is responsible for creating a comprehensive program and training employees to use it effectively.
To minimize the risk of cyber breach, keep sensitive information is a secure area, both virtually and physically. Use your own network and put up firewalls to bar entry into your system, plus use two-step authentication or biometrics. Encrypt any data on the cloud.
Even if you do all these steps but allow an unsecure vendor to enter your system, you’re vulnerable.
Limit employee access to their own personal information or private information needed to perform their jobs.
Employee mistakes
A Verizon 2016 report found that 63 percent of confirmed breaches were a result of weak, hacked or default password use. An average company utilizes more than 20 software applications, such as Skype and Asana, which each need passwords.
When employees use an easy to remember password, the same one for every application, the security threat increases exponentially.
An employee may send sensitive information to the wrong co-worker and IT employees may not dispose of sensitive information correctly or may misconfigure IT systems. Employees can lose laptops and smart phones or they may be stolen from an office, car or home.
Vigilance
Be proactive, not reactive – train all employees, not just IT professionals, to know how to keep data safe through strong password choices, protocols when they suspect issues and immediately reporting lost or stolen devices.
Manage your team
Train employees to choose security over expediency – 15 percent of Millennials and 13 percent of Gen Xers and Boomers were very likely to bypass security controls, according to a survey by LawInsider. Train workers the importance of not using the same password over multiple sites. Teach workers how to create strong password.
How
Create data security protocols training when onboarding and staffing.
Update employees periodically about scams, technology and threats, especially your HR team.
If you haven’t already, perform a risk assessment. Where are you weak? Strong? Which protocols are most important to your business? Then, adapt your training programs and protocols and train the right people for the right tasks and training. Various levels or jobs require different training.
Get the marketing department and IT to buy into your initiative. These teams may also know of threats you don’t.
Make managers and individuals accountable for following security training. Get employees a way to report issues and communicate latest email scams.
According to www.darkreading.com, 91 percent of all cyber attacks start with email phishing scams. Training your employees to avoid clicking on links, even when the link looks legitimate, is essential to your organization’s cyber security.
Create a contest or reward system for each week and month’s security detective.
Everyone makes mistakes, but practices and procedures can reduce the scope and frequency of security issues.
Diligence, training, rewards and accountability can go a long way to make the workplace more secure. Make sure your cyber security program incorporates the right tools and the right training for the right employees.
View Insured Solutions’ Client FAQs at https://www.insuredsolutions.net/faq/client_faq/FAQ.php.
View Insured Solutions’ Client FAQs at https://www.insuredsolutions.net/faq/client_faq/FAQ.php.
Sources:
https://www.benefitnews.com/magazine/employee-benefit-news-june-2018
https://www.huffingtonpost.com/meghan-m-biro-/data-security-must-be-a-t_b_10932396.html