Business

4 things your employees are doing right now that are putting your network at risk

opinions expressed by entrepreneur Contributors are their own.

In today’s digitally connected world, your team has an unprecedented opportunity to quickly get the tools and information they need to streamline their work. But with all that accessibility comes new risks to your cybersecurity. Malicious individuals seek to gain access to the sensitive information stored on your organization’s networks – and your employees can be an easy target.

Case in point: research from Stanford University and Tessian shows that 88 percent of corporate data breaches are due to employee error.

Without proper cybersecurity training, your employees are likely to continue making mistakes that can put your data—and that of your customers—at risk. It’s important to understand what they’re doing wrong and to set things right.

1. You fall for phishing emails

Phishing scams are perhaps the most well-known example of how employees can compromise your network. These occur when an employee receives what appears to be a legitimate email asking them to click on a link or provide certain information.

Unfortunately, simply clicking a link can be enough to bring malware onto your network. Employees need to be trained to understand what these emails look like so they can send them to the spam folder where they belong.

As Steven Price notes in a blog post for Tech Rockstars, “The challenge is that phishing emails are becoming increasingly difficult to detect. Scammers can spoof legitimate web addresses. They can make fake emails look like real ones. But there are still many small details that indicate the email is fake. […] Training helps employees recognize warning signs.”

Price continues, “But beyond that, it helps them spot changing warning signs. For example, a 2010 phishing email doesn’t look like a 2020 phishing email. Scammers stay ahead of the curve. They know the trends and know how to adapt. Your employees also need to know the trends and be ready to adapt.”

Related: 5 types of employees who are often targeted by phishing attacks

2. You perform work activities on an unsecured network

The rise of remote working has certainly benefited employees and businesses as it offers more flexibility and reduced overhead. Unfortunately, the networks you use to access the internet may not be as secure as what you have in your office.

If an employee is using an unsecured Wi-Fi network (e.g. in a coffee shop or airport), hackers can easily intercept login credentials and other sensitive data transmitted over that connection. This includes emails, instant messages, bank account details – anything the employee accesses while using this network.

Businesses must ensure their own networks are fully secured and provide their employees with strict instructions on which networks they connect to for their work-related activities.

3. You are using outdated software

Most companies use a wide range of cloud computing tools, such as B. CRM software or logistics tracking. Most also use programs for word processing, bookkeeping, and other essential activities. Even with programs that don’t seem overly dependent on the Internet, making sure all software is up to date is crucial to preventing security breaches.

The reason for many software updates is to close newly discovered security holes. Failure to update software can create loopholes that hackers can use to access information stored by your organization. Similar problems can also arise from using outdated hardware. Eventually, the hardware manufacturer will stop releasing updates for old devices, leaving them vulnerable to security threats.

Make sure your network administrator keeps all software up to date. Remember that replacing old hardware will ultimately cost you much less than if you suffered a data breach.

Related: 5 essential considerations to make before investing in new technology

4. They don’t have good passwords

Easy-to-guess passwords (like “password” or “123456”) are never a good idea—especially if your employees use the same passwords for their work and personal accounts.

As Clifford Colby and Sharon Profis explain in an article for CNET, “It’s worth repeating that reusing passwords across accounts is a terrible idea. If someone discovers your reused password for one account, they have the key for every other account you use that password for. The same goes for changing a root password that changes by adding a prefix or suffix. For example PasswordOne, PasswordTwo (both bad for several reasons). By choosing a unique password for each account, hackers who break into one account cannot use it to gain access to all others.”

Strong passwords use a mix of uppercase and lowercase letters, numbers, and special characters. You should avoid using common words or phrases or personal information that someone else may know.

A random combination of characters can be very effective, although your employee may need to write them down somewhere safe to remember. Requiring strong passwords for business accounts and implementing two-factor authentication will help prevent simple security breaches.

Are you helping your employees stay safe online?

Surveys show that 43 percent of workers do not receive regular cybersecurity training — and another eight percent have never received training. This poses a major risk to your business, especially as phishing and other cybersecurity threats become more prevalent and sophisticated.

By making sure your employees know what they’re doing – and not doing – online, you can be confident their actions won’t put your business at risk.

https://www.entrepreneur.com/article/424725 4 things your employees are doing right now that are putting your network at risk

Brian Ashcraft

TheHiu.com is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@thehiu.com. The content will be deleted within 24 hours.

Related Articles

Back to top button