With the explosion of social media sites in the last 10 years, employees are more connected than ever to the Internet, putting their personal information and the businesses they work for at risk for data breaches. In fact, IBM’s 2014 Cyber Security Intelligence Index reports that cyber criminals have begun targeting negligent employees more and more on social media sites to exploit businesses. In their 2013 report, IBM found that employees account for roughly 80 percent of company breaches.
With the recent Safer Internet Day, an international awareness campaign to promote safe Internet habits, we want to share how businesses can better protect their business and employees from cyber criminal activity. Here are our top 5 tips to protect your business online:
1. Educate employees
The best crisis prevention is education. Teach employees the importance of digital security and be sure to have policies and guidelines in place to help employees make secure decisions. Do you have BYOD policy in place? Do employees have a VPN they can use when conducting work in a public area? Are employees allowed to use social media at work? Consider these questions and be sure to have an answer for each one. Teaching employees about the latest phishing scams, best password practices, and social media cons can help them better identify suspicious activity.
2. Create a culture of awareness
When employees are in-the-know about security do’s and don’ts, they tend to be more open to notifying the correct personnel when suspicious activity does arise. Oftentimes, employees are uneducated about security best practices, or scared they will get reprimanded when they’ve made an unintended mistake that can lead to insecurities on the web. Your IT department should create an open door policy for security questions and concerns and make sure to acknowledge employees when they notify you of suspicious Internet activity.
3. Monitor for unusual activity
Use software to monitor the security of your business. Anti-virus solutions are a great way to protect against malware, and a monitoring service can keep an eye on employee and customer information that may be circulating the Dark Web. Businesses should also keep an eye on their credit score and credit report to detect any fraudulent activity.
4. Require regular password updates
To ensure employees are not reusing personal passwords, require that work passwords be changed every few months. Better yet, require two-factor authentication for work logins.
5. Have a plan
According to IBM, “your perimeter may already have been breached: Recent attacks demonstrate that victims were compromised for months before they discovered it.” Be sure to have a breach preparedness plan in place in case of a cyber attack. This plan can help keep customer relationships intact and reduce business reputation damage.
Do you have any additional best practices to help businesses stay secure online? Let us know on Facebook, Twitter or LinkedIn, and be sure to keep up with our Tumblr for up-to-date security news stories.