Ensure your employees are prepared to keep your company safe
Training employees is a critical element of security. They need to know and appreciate the value of protecting data and their role in keeping it safe. In order to do that effectively, they need to have a good understanding of the dangers that threaten its’ safe-keeping.
Here are five ways to help your employees make good judgements online:
- Talk to employees on a regular basis about cyber security. It is not enough to have an “annual review”. Explain the potential impact of a cyber incident on your organization. Regularly test their knowledge.
- Warn employees to pay special attention to social engineering activities. Many cyber incidents begin with a phone call or email from someone posing as someone you would trust (co-worker, help desk technician, or boss) asking questions to gather information about the company’s systems and operations.
- Do not download unauthorized software. There should be clear rules for what employees can install and keep on their work computers. Make sure they understand and abide by these rules. Unknown outside programs can open security vulnerabilities in your network.
- Educate employees on good password practices. Making passwords long and strong, with a mix of uppercase and lowercase letters, numbers and symbols, along with changing them routinely and keeping them private are the easiest and most effective steps your employees can take to protect your data.
- Staying watchful and speaking up: Employees should be encouraged to keep an eye out and say something if they notice strange happenings on their computer.
It’s important to train employees before you have a data breach. Create an environment where they feel safe to ask questions and to report questionable activity.