Cyber security is a hot topic for any business, particularly with the media exposure surrounding the WannaCry virus that hit the NHS recently.
Of course there’s plenty of things you can do to protect your business – install regular updates for your PC, use an advanced firewall, have guest wifi available and make sure you are running effective back-ups.
But what about your employees – your human firewall? Did you know that your own people are one of the biggest risks to cyber security?
Your people are your biggest risk
According to statistics from the UK’s Information Commissioner’s Office; human error is the ‘main cause of data breaches’.
In fact, computerweekly.com reports that ‘figures obtained by Egress Software Technologies, found that human error accounted for almost two-thirds (62%) of the incidents reported to the ICO – far outstripping other causes, such as insecure webpages and hacking, standing at 9% combined.’
That’s pretty shocking.
What kind of security breaches are we talking about?
There are all sorts of things that employees are doing every single day – that perhaps they don’t even think twice about – that could potentially compromise the security of your business.
For example, using weak passwords, sharing passwords, sending data to the wrong person, logging onto unprotected wifi networks when out of the office, or theft/loss of unencrypted devices – these are all things that can pose a significant risk to your cyber security.
So what can I do about it?
The best thing you can do to make sure your team are operating securely is to educate them.
1. Teach them how to choose a secure password, with an emphasis on length over complexity.
2. Remind your team to never share their passwords – recent Government statistics show that a shocking 27% of us admit to sharing our passwords. That’s potentially over a quarter of your office!
3. And never write them down! If you need to write a reminder, write something that jogs your memory, but has no link to the password itself.
4. Remind your team that if they have visitors coming to the office, give them the guest wifi code, rather than allowing them to use (and potentially infect) your internal network.
5. Explain the importance of keeping their PCs protected by installing the latest Windows Updates (this can be set to ‘automatically install’ but you do need to check that you’re up-to-date.)
6. Make sure your staff know how to spot the signs that an email may be a fake or spoofed email. The sender’s email address, the name of the attached file (don’t open it!) and how they greet you (no greeting at all, a generic ‘Sir/Madam’ or by name) can all be clues as to the authenticity of the email.
7. Beware the abandoned USB stick! Remind your team never put USB drives into their PC to find out who they belong to – they could be varying a virus and infect you instantly. This may sound obvious, but a 2016 study by University of Illinois, found that 48% of people who found a USB Flash drive would put it in their PC to see what was on it.
Want to be more Cybercrime aware?
Then why not join projectfive for a Cybercrime Awareness Training Course! It will help you and your team to recognise common cyber threats and take practical measures towards making yourself and your business less vulnerable. Take a look at the details here and email firstname.lastname@example.org for full details.