whatsApp WHATSAPP
Logo
Contact Us Today!
Glasgow 0141 428 4301
Perth 01738 310 271
Full Service IT
Support & Consulting
Glasgow 0141 428 4301 | Perth 01738 310 271
Remote Support
Contact

Cyber Security - Are Your Employees Your Biggest Risk Or Biggest Asset?

15 March 2021

Your staff can be your biggest asset and equally a very big risk to your company without the proper Cyber security awareness training.  With most employees working from home, remote working will probably become common working practice even after lockdown and when everything returns to the “new normal”.  When working from anywhere without the correct Cyber Security awareness training, your staff can be a very significant security risk to your business, whether they work from home, at the corner café or even in the office, they can be a security risk to your business.  Please read below an awareness and some of the common mistakes that can be a risk to your business.

Using weak passwords

Create a password policy within your organisation, no matter how big or small your business is, make sure you have a policy for setting and refreshing passwords. For example, don’t allow people to use basic dictionary words. Don’t allow identical strings of characters from previous passwords. And make every password unique—i.e., not one that somebody’s used for a different system. Educate your staff about good “password hygiene” and how weak changes or reusing passwords can put both your organisation and your users personal accounts at risk. – Don’t just update your passwords, reinvent them

Educate your staff on the risks of being Phished.

For accessing businesses sensitive information, like password and other credentials, Phishing is public enemy number one.  It can be devastating to a business, not only the reputation but also in terms of financial loss as well. For a hacker this is an inexpensive way of attack making it a highly lucrative for a hacker if ransomware is deployed.  With all the best defences and technology, it still boils down the recipient who is receiving the phishing email, that would be you or your employees, they are your last line of defence, so training is important in any business.  Put policies and procedures in place and training for your staff to spot and emails that look suspicious – Defend against Phishing 

Public Wi-Fi

When staff are using in cafes, hotels or coffee shops they will no doubt be using public Wi-Fi connections, many people don’t think twice when connecting to public Wi-Fi or hotspots, make your staff aware if they need to do this and be very careful when inputting private and confidential information, like login details or any financial information. Normally these public Wi-Fi areas will have very little security or none at all and this could be a major threat to your business.

Keep your systems up to date.

By using a good MSP (Managed Service Provider), they will ensure all your devices are kept up to date, by outsourcing your Patch Management to a MSP or Managed Service Provider who will have the processes in place to make sure your businesses IT infrastructure are kept up to date by installing patches and maintaining the security for the smooth functioning of your business, whether your devices are in the office or with your employees working from home – Patch your devices and close the holes on any software vulnerabilities.

Using BYOD (Bring Your Own Device)

Staff using their own devices for work or business can give your employees more flexibility or freedom as they can work from anywhere but using personal devices can have huge risks for business, if you do allow this within your business, make sure these devices have the proper security on them, let your MSP do a check.

Use Multi Factor Authentication (MFA)

Businesses or people that use some sort of MFA are more secure than those who don’t, this is a big deterrent for hackers as it makes life for hackers incredibly harder to hack your account if there are multiple forms of authentication in place.   Whenever you can utilise a system like MFA, you should be using it.

What to do next
Are you utilising a strong Cyber Security policy within your organisation and perhaps not sure how to go about setting this up for you or your employees, we can help, call Control IT Solutions today on 01738 310271 or 0141 4284301  - Contact us Here
 

TAGGED IN: Small Businesses , Managed Service Provider, Cyber Security