Spending on cybersecurity hit an all-time high in 2017. Unfortunately, so did the frequency of cybercrime — proof that tools alone aren’t enough to keep your sensitive information safe. In fact, employees who inadvertently give hackers access to the company computer network are one of the leading causes of data breaches.
If you don’t want your employees to be the weakest link in the cybersecurity chain, you need to make them a key part of your data defense. They need to understand the critical role they play in protecting your sensitive information and IT infrastructure, and they need to know how to do it well and consistently. Get started today by making these five tips policy for all your employees.
1. Use strong passwords, and use them properly.
It’s not enough to use complex passwords for the corporate computer network. You also need not to share your passwords, write them down, otherwise reveal them, or use them on more than one site. Since a well-crafted password is by definition hard to guess or remember, we recommend choosing a reputable password manager that will do the hard work for you. A password manager will generate a strong, unique password for every site you visit, then store those passwords securely so you only have to remember a single master password.
2. Be wary of public wifi.
Hackers can easily use unsecured wifi connections to intercept online traffic and install malware. Whenever possible, avoid them in favor of tethering your mobile phone or personal hotspot. If you can’t tether, use a remote desktop service (Xantrion can help you implement one).
If neither of those are possible and you have to use public wifi, visit only websites with HTTPS encryption (look for https:// and/or a green lock in your browser bar), which are better protected than ordinary HTTP sites. Consider asking your IT department about the HTTPS Everywhere browser extension, which creates that extra layer of protection on every site you visit.
3. Protect your mobile devices — phones, tablets, and laptops — at all times.
The best way to prevent other users from deleting files or installing malware, accidentally or deliberately, is to keep your mobile devices to yourself. You should never share any device you use for work purposes at any time, for any reason, with anyone. You should also never leave it unattended, not even if you’re only turning away for a minute. Keep it in your sight (in your hands if possible), set it to go into sleep mode as quickly as possible when it’s not being used, and require a passcode or password to unlock it.
On many devices, setting an access passcode also activates device-level encryption, which further protects the data if the device is lost or stolen.
4. Do not download, install, or use any software or cloud services unless IT has tested and approved them.
Hackers have cleverly engineered certain games and software utilities to conceal viruses and malware that gather or destroy data. Poorly configured cloud services can also expose your data to unauthorized users.
5. Follow basic cybersecurity hygiene.
- Do not uninstall or disable anti-virus software.
- Do not disable automatic software updates, which often include security patches.
- When your browser flags a website as a potential source of malware, heed the warning and don’t click through.
- To transfer data or share files, use the company computer network or a cloud service instead of physical storage like an external hard drive or USB flash drive, which can easily be infected with malware.
Xantrion can help you harden your computer network against cyberattackers, but it’s up to your employees not to help them sneak around your defenses. We can train them to follow cybersecurity best practices to help them take their places on the infrastructure barricades. Contact us today to start drawing up your cybersecurity plan.