The Biggest Cyber Security Threat You’ll Face: Your Employees
Most small business owners are lucky enough to know the majority of their employees by face and name, if not well enough to develop a personal relationship with them. You know full well that none of them would do anything that would deliberately sabotage your business’s security. Unfortunately, the biggest cyber security threat your business face’s may be sitting just a few offices down from you–and the worst part is, they don’t even realize it! Protecting the essential cyber security of your business doesn’t just mean running quality antivirus software and being sure that your IT team monitors traffic. It also means ensuring that your employees know how to help protect your company.
Their Passwords, Your Company
As a small business owner, it may never have occurred to you just how important your employees’ passwords are. Sure, you have a few basic rules in place; but you’ve never considered just how easy it could be to snatch their passwords and use them to break into your company’s vital data. If you want to keep your business truly secure, make sure you’re including these requirements in your password rules:
- Change passwords regularly, especially if you’ve been hacked or suspect that there has been a security breach. Note: adding a new number to your password doesn’t count as changing it!
- Request a random combination of letters and numbers, not a dictionary word or even a phrase that’s easy to remember. Many hackers use dictionaries as part of their database.
- Insist that the passwords for company networks and programs be different from one another–and different from the passwords that your employees use for their online interactions in other areas of their lives. This helps prevent spillover from cyber attacks on other companies from reaching your business.
Social Engineering Problems
Many people–especially those from older generations–want to believe the best in others. When someone comes in or makes a phone call to the business, they automatically assume that individual is there for their stated reason, and they tend to offer them the information they’re looking for in an effort to be “helpful.” Then there are phishing emails and other social engineering attacks–many of which your employees might not recognize. Some common social engineering scams include:
- Pulling known customer information off of your social media accounts in order to gain access to more information
- Dropping a USB device with a virus or other software encoded that will install on your computer as soon as it’s plugged in
- Calling from the “IT department” and asking you to “check out a new system” by putting your login information into their fake webpage
- Coming in as a repairman or someone else you would expect to be in the building in order to gain access to confidential areas
Closing the Security Holes
If your employees can’t recognize the scams, they don’t know how to prevent them from targeting your business. In order to close those security holes, you must not only engage quality antivirus protections, but also the protection that comes from well-trained employees. This includes:
- Creating security policies
- Letting employees know how they are expected to respond in the event of a potential security threat
- Discussing potential scams with your employees as you become aware of them
The better trained your employees are, the better they can help you protect your business. It’s not just the IT team that must stand on the front lines of your business’s protections. It’s every employee–and you can give them the power to do so. If you want to learn more about raising your business’s cyber security and keeping yourself safe from cyber attacks, contact us today to learn how we can raise that vital part of your company.