Cybersecurity: 5 Things Your Staff Need to Know
Blog | October 26, 2017
Companies are increasingly becoming preferred targets of cybercrime. It was reported in 2015 by data-focused law firm Revision Legal that 40% of online security breaches in the US were aimed at organizations.
Companies have become easy prey for hackers not necessarily because of low IT security measures, but because staff can unknowingly be careless with company data.
Wrongly addressed emails, stolen devices, or working with unsecured home or public wifi systems can put company data at risk. For example, if your staff takes a company laptop to work in a café with free, unsecured wifi, that already puts all the data in that device in plain sight for hackers in the vicinity.
Here are some key guidelines that will help staff be more vigilant in keeping company data (and their own data) safe.
1. Make sure you are using a secure internet connection
Wifi connections are by default not secure. They need to be locked by a password, and encryption must be configured by the account owner. When travelling, it is better to use roaming instead of public wifi because 3G/4G data is encrypted, making it safer that wifi which may not be encrypted. Be careful which wifi networks you trust. Set your phone settings to prevent auto-connection to wifi.
2. Use 2FA (2-Factor Authentication)
Two factor authentication is the best defence against hacking right now. After entering your password, you receive a one-time password (OTP) as a second layer of security. So even if hackers know your username and password, they can’t get into your account. Enable 2FA two factor authentication on everything you can. Secure your email and bank accounts with 2FA. Many companies use 2FA as well to secure company email and cloud accounts.
3. Be discerning in your online interactions
- With personal information
In this age of heavy social media interaction, people can make the mistake of being so open and careless with information shared online. Personal information is exactly what hackers are searching for. If you openly announce on a public social media profile, “I turned 30 today!” guess what, your exact birthday and year is known to all.
- With websites that you visit
Know what a secure URL looks like, and what looks fishy. Many scams are phishing scams – email or websites mimicking the appearance of an actual website (fake bank websites, for example, or email mimicking an account you have, such as Paypal or Google). Watch out also for wrong spelling or grammar, and content that threatens you to “Take action now or else”—meant to scare you into giving away information. Don’t assume you are immune. “Over half of internet users will get at least one phishing email today,” this article shares.
- With your browser settings
It is best not to allow your browser to save any passwords, in case of theft, or when you find yourself having to lend your laptop to a colleague. Don’t save passwords or information locally on any other device as well.
- When creating passwords
Take guidelines for strong passwords seriously. Also, log-in notifications may be annoying but they’re your friends. Google mail accounts currently have a default setting to let you know when your email has been logged into a new device.
4. Use cloud
Be careful about working on external hard drives and USBs. Do not ever leave sensitive information in an external drive. All confidential info should be in secure locations such as cloud accounts. If they are in a laptop with a password, it’s somewhat safe, but passwords can still be hacked.
5. Use credit
Use a credit card, rather than debit card for online transactions because once reported to the credit card company, fraudulent transactions are reversed right away. But if your debit card gets hacked it is a long process getting your money back.
“Cyberattacks are happening in 2017 at double the rate that they occurred in 2016. According to Hackmageddon.com, there are dozens of cyberattacks each month, affecting the personal and user information of literally billions of internet users worldwide,” Revision Legal reports.
As cyberattacks are growing, so must our vigilance in protecting both personal and company data. Similar to securing our homes from robbers, so must we exercise caution and defense to keep cyberattacks from being successful.
Early prevention by educating staff with digital knowledge is a need, more than ever for corporate cybersecurity. And it doesn’t stop there. They need to be constantly updated concerning cybersecurity risks and prevention measures. Take action now.
Subscribe to our newsletter
Back to Change Management