Workers routinely and unintentionally put their employers at risk by engaging in sloppy computer security practices. In one recent study, a research team placed 200 USB thumb drives in high-traffic public places in Chicago, Cleveland, San Francisco, and Washington, D.C., and tracked what happened to them. Nearly one in five of these small devices were plugged into someone’s computer. Imagine if one of these USB drives belonged to your company and contained highly sensitive information.
Fortunately, you don’t need expensive hardware upgrades or new software applications to bolster cyber security at your office. Here are four relatively low-cost suggestions.
- Employee education. When new employees join your team, make sure they’re trained in strong security procedures. They should be trained to avoid using weak passwords; sharing login credentials; installing unauthorized applications on work computers; uploading company files to unencrypted devices; and being careless with emails. Use ongoing training to reinforce your company’s computer security policies and expectations.
- Single Sign-On (SSO) service. Most people find it difficult to manage the overabundance of business and personal passwords. So they cope by making easy-to-access Excel spreadsheets or placing sticky notes within reach of their computers. A long list of unsecured passwords can easily be stolen or misplaced. Instead, use an SSO to allow employees to access multiple work-related applications with a single strong password, reducing the need for less secure workarounds.
- Monitor access. According to one study, 89 percent of workers who leave a company continue to have access to one or more of their former employer’s computer applications. Be sure to create a procedure to immediately revoke access to all company databases and applications when an employee resigns or is terminated. Bottom line: always know who can get into your company’s databases and applications, and develop the ability to shut off access quickly when warranted.
- Make reporting easy. Employees should know how to report suspicious behavior or security concerns. Consider adding a link to your email platform that allows staff to forward questionable emails directly to your IT department or management team.
Cyber criminals are always trying to find new ways to access sensitive data of companies like yours. Implementing a few of these suggestions could keep your company safe from a security breach. Questions? Give us a call, we are glad to help.