Unfortunately, employees are the greatest source of vulnerability, and one that even sophisticated technology can’t solve. About 80% of attacks happen through human error. You can invest in the most expensive and up-to-date cyber security system, but if your employees’ online behaviour isn’t safe, you will still be open to attacks.
Here are the three main areas where your employees need training.
- Recognising and dealing with phishing emails
Incoming emails are one of the top threats for companies. Teach your employees to recognise phishing emails and the proper procedure for dealing with them. It only takes one click for a virus to infect your whole system, so it’s best to be overly cautious when anything doesn’t seem right. Warning signs include unusual language, suspicious links, dubious requests for information, or anything else that sets off alarm bells.
- Safe behaviour while out and about or travelling
Mobile devices such as phones, tablets and laptops have made our work much easier and more efficient, and have enabled remote working. Unfortunately, this also comes with its own dangers. Give your employees detailed guidance about the use of public Wi-Fi. Educate them about using a VPN (virtual private network) to keep your data secure and reduce the risk of being hacked in public.
- Proper use of passwords
Remembering passwords can be tricky as more and more applications require you to log in. Many people use the same, or at least very similar, passwords across all their activities, whether private or for work. This can create serious vulnerabilities in the cyber security of your business. Once one password has been hacked, it can open the doors to everything else in that person’s life, including your organisation’s data.
Impress on your staff the need to keep separate passwords for home and work, and to make them memorable but difficult to guess. Multi-word phrases work well as they are much harder to hack. You could also introduce password managers that will do some of the heavy lifting for your employees.
Educate your staff
When it comes to educating your staff, it is important to be proactive. Promote the right ethos and provide good education to avoid losing company data or being held to ransom by hackers.
- Send out regular information about cyber security
- Conduct relevant workshops
- Have an eLearning module as part of the new employee induction process
How Can The Fractional Group Help?
The Fractional Group have highly qualified and experienced cyber security professionals, so whatever your security challenge, we have the expertise and experience to assist you, whether that means conducting a full security review and audit, guiding you through Cyber Essentials accreditation or partnering with you to provide ongoing peace of mind.
- Certified Data Protection Officer
- Certified Information Systems Security Professional (CISSP)
- Cyber Essentials Advanced Practitioner
- GDPR Essentials Practitioner
- ISO 27001 Lead Auditor
Contact us to find out more