Cybersecurity risks can happen in the workplace, but a large percentage could be avoided by changing employee behavior.
Here is a list of ways employees put companies at risk:
1. Opening emails they shouldn’t. We all receive suspicious emails. They should not be opened, and better yet should be deleted. Regular security training is a must.
2. Trusting social networks. In addition to email, many phishing and social engineering attacks occur on social media. Employees should not assume social sites are safe just because the interaction is personal.
3. Leave the company with data. When employees are terminated their usernames and passwords should be immediately shut down. Notify your IT departments when employees’ roles or status change.
4. Don’t protect mobile devices. BYOD can be a good thing for companies but both users and your IT department need to take steps to keep data secure, including secure passwords and policies.
5. Run outdated software. Hackers look for outdated software. IT should educate employees on the importance of installing patches or, in some cases, running the updates themselves.
6. Don’t vet business partners. Before your company hands over sensitive data to a third-party vendor, do your homework to thoroughly check them out.
7. Thinking antivirus software is enough. Even if your company has antivirus software in place employees need to be careful when browsing the Internet or opening email, no matter what protection is in place.
Having IT security conversations with your employees on a regular basis is a best practice worth adhering to. Being vigilant is everyone’s responsibility.