For many businesses – big and small – the most concerning issue they face today is securing their commercial networks and sensitive data. The fact is, today’s risks don’t just come from the outside; instead, some of the biggest threats a business faces is from those who are entrusted to protect it – the employees.
While this does not mean all workers are intentionally trying to compromise the business’s data and networks, what it does mean is that they may not have received adequate security training, or that the security policies in place are not being enforced properly.
Some of the ways employees may be putting an entire commercial network at risk – without even realizing it – include:
• Creating weak passwords: A single employee using an over simple password, such as “password” or “123456” can allow a hacker to access sensitive company information. In fact, it takes the average hacker less than 10 minutes to crack a password of six characters. With a few capitalized letters it will only take 10 hours. This is why it is essential the company creates a policy that requires strong passwords with a combination of upper and lowercase letters, number and symbols that are changed regularly.
• Using social media at work: Social media links often carry malware. If this is downloaded to a single office computer, it can quickly spread, compromising the entire network. It is important that employees do not engage on social media from the office or during work hours and this is a policy that needs to be strongly enforced.
• Losing devices: From time to time everyone loses an electronic device, this is simply a fact of life. However, to ensure that no sensitive data is leaked when this occurs, it is important to ensure each device is encrypted. This means the data is protected regardless of who finds it.
There is no question that having physical means of protection in place is important, such as security cameras and alarms; however, educating employees about how thieves may try to steal information is also crucial.