Security breaches are just like car accidents—when they happen you can’t believe you missed the opportunity to avoid them. Since you can’t go back in time and reverse an attack, your best protection is prevention.
Still, one of the biggest prevention opportunities that small businesses often overlook is educating their own employees. They might invest in the best hardware and software solutions to thwart an attack, but rarely consider the open doors that employees leave when they walk out of the office each day.
No matter how savvy you may think your employees are, never underestimate their ability to be the cause of a data breach. From seemingly harmless links in a work email, to text messages they may receive after hours, hackers are counting on your employees to unknowingly serve up your company data.
Here are four simple things you can implement with your teams today (at no cost to you) to be one step ahead of your next breach:
Hackers are counting on you to lapse in staying ahead of the most recent security threats. That means that not only should you be keeping up on your end, but you should also be sharing that information with your employees through consistent training.
Gone are the days of the Nigerian Prince and the more obvious cyber attacks as hackers have become more sophisticated in their approach utilizing social media, email, text messaging, and personal devices to gain access to company data. Read up on these multi-pronged approaches and educate your employees to know exactly how to vet every communication. All it takes is one.
A report from Solarwings, "Cybersecurity: Can Overconfidence Lead to an Extinction Event?", sites that only 32% of companies regularly check and revise their security policy. We all have fallen victim to being overconfident that it can’t happen to us, but the truth of the matter is that cybersecurity breaches are actually more common in small businesses because of the prevalence of loose security policies and enforcement.
Furthermore, companies who encourage Bring Your Own Device (BYOD) practices are even more at risk as employees are mixing their personal data with company data. Today, just about everything is connected, and your security policy should take that into account. If your employees are accessing information after hours, do you know how they are gaining access?
A recent study titled "Technology Use: Conceptual and Operational Definitions" conducted by researchers at Clemson University, the University of Virginia, and the University of Oklahoma, showed that explaining the “why” associated with phishing attacks led to less clicks on phishing emails.
Bottom line: while you’re implementing policy and training your employees, be transparent. Policies are not always easily accepted in a small business. In fact, tightening up security can sometimes be viewed as a lack of trust from upper management and backfire. Whatever policies you put in place, consider the ramifications of non-compliance. Understanding the reason behind an executive decision is most always a better way to go if you want the best chance of end-user adoption.
Like a spare key under your front door mat or a rock, employees are notorious for leaving passwords jotted down on post-its in not-so-hidden places around their workspace. Let’s face it - life is full of passwords, and sometimes it’s hard to remember all of them! Unfortunately, keeping passwords in these easily accessible areas can easily lead to a data breach. If this is an issue for your employees, consider a password management software, or conduct workspace checks to ensure personal password information is being kept secure.
As for the passwords on the network devices, develop a policy for handling them too. In most cases, print controllers and network hardware come preconfigured with defaults that are easily found with a quick Google search. Change them—just don’t forget what you changed them too!
Make sure your employees are changing their passwords too. While it’s much easier to remember a password with our birthday or favorite pet’s name, passwords with a combination of letters, numbers, special characters and capitalization will greatly decrease your chances of a hack.
Everyone makes mistakes. But when your employees do, your company information is at risk and it’s your job to prevent that. Unlike the fender bender you couldn’t avoid, this is the one chance to protect your data before it’s too late.
Beyond copiers and printers, CDS offers a full suite of technology solutions ranging from Managed Print Services, to Managed IT Services, and Project-Based IT Services, providing our customers a Single Source for all their business technology needs.Read More