Just like you can form habits to be more productive, you can also form habits that expose your organization to risky situations, namely security problems. Some of these habits may be formed without even realizing. Your employees in particular are likely to have picked up a couple of nasty habits over time, so it’s up to you to address them and keep them from becoming an issue in the long term. Figure out, are you a security threat?
So, Are You a Security Threat?
Habit 1: Password Security
This habit means that your employees create weak passwords, then continually reuse them for multiple accounts. We get it; nobody likes to remember multiple passwords, especially complex passwords, but they are way better for network security than your standard fare. You should by all means avoid using words like “password” or strings like “123456.” We have multiple blogs that can help you create stronger passwords and discuss a form of password we suggest, called passphrases.
It’s critical that you hold your staff to this higher standard, as failing to adhere to the bare minimum could expose sensitive information in the event of a data breach. Furthermore, you should update passwords regularly, as well as use a password manager to help your employees keep track of everything.
Habit 2: Sharing Passwords
It might seem like employees are being efficient by sharing passwords, but it’s more like cutting corners. Sure, it might save a second or two, but it will really stink when you whack your elbow on the wall. If they are company-owned accounts that are set up, like company social media accounts or shared resources, that’s another thing entirely, but these are generally managed by the company, not the individual. If all your employees are using the same passwords for different accounts, that’s a lot of information mixing and an easy way for hackers to have a field day.
Basically, you need to be cognizant of the dangers displayed by sharing passwords, as well as have the ability to react to these issues in a timely manner.
Habit 3: Using Personal Storage for Company Files
Cloud computing is a great way to increase the value and utility of technology services, but only when it’s used properly. We discuss cloud services frequently as well as offer some to our clients, but they have to be managed by someone who understands them. Employees might use their own personal cloud storage solutions to store company files, which is a major red flag. While they might be doing it for convenience, you still need to address it. The repercussions could potentially be catastrophic.
Habit 4: Shadow IT
Any software or hardware that is installed or implemented on your business’ solutions without approval from IT management is considered “shadow IT,” or IT that can’t really be controlled or regulated by your IT department. Often times employees will look for ways to get around the challenges that face their particular work role, and while they are doing it to make themselves more productive, the end result is a less secure overall network and less solid policies regarding the governance of these solutions. Make sure your employees are not using shadow IT, and if you do not have an IT provider, consider getting a managed service provider like us to help out.
Habit 5: Careless Use of Email
Email is frequently used for both correspondence and file sharing, but without proper discretion, this comes at the detriment of your organization. Consider how bad it could be for your business if you send the wrong attachment or the wrong information to someone who isn’t supposed to see it. With such a great solution available, you need to take proper precautions.
Habit 6: Insufficient Training
This isn’t so much a habit of your employees; rather, it’s one for employers in general. Employees need to understand the security threats that they face on a day-to-day basis, and without you there to guide them, they likely won’t take action to keep your business safe. Security training is integral to the success of any business model, and it should play a significant role in the onboarding process. You should then supplement this training with frequent phishing tests, team discussions, and further training as needed.
We hoped this helped you answer, are you a security threat? This might sound overwhelming, but it doesn’t have to be. Give Symmetric IT Group a call at (813) 749-0895 and entrust your security to our professionals. We can help you set up a proper security employee training program, implement cybersecurity solutions, and make sure you can answer no to the question, are you a security threat. Check out our information security page for more info.