As an employee, you’re on the frontlines of any cybersecurity process, in fact, for many organisations, the weak link is often the end-user. Research by Shred-it shows that more than 40% of senior executives and small business owners report that employee negligence was the cause of their most recent security breach.
To insulate your employer from damaging security risks, we’ve prepared a list of 8 cybersecurity tips every office worker should know.
#1 – Keep your data safe
You’d never share your bank details, national insurance number or other important details without being sure you can trust the source. Apply the same principles for confidential information in your organisation; such as intellectual property, sensitive information or other data, such as customer records.
Treat unsolicited emails, phone calls, text messages or IMs with suspicion. In addition, consider how you share details of your workday via social media. By sharing a picture of your office, which may have sensitive information in the background, you could end up leaking confidential information unintentionally.
#2 – Avoid clicking on unknown emails and links
Scrutinise every email, every attachment, pop-up and link to ensure that you’re avoiding falling victim to phishing. The consequences of phishing can be quite severe, with the infamous Sony Pictures hack a high-profile example. In 2014, a hacking group called ‘The Guardians of Peace’ infiltrated Sony Picture’s IT infrastructure using a phishing attack.
Cybercriminals use phishing to trick unsuspecting victims to click on unsolicited links that might have viruses or malware embedded within them. You’ll need to be vigilant and ensure that any link you choose to click is legitimate.
As a rule of thumb, don’t enter personal or company details in an email, pop-up webpage or any other type of communication you didn’t start in the first place.
Businesses can help their employees by using authentication technology that works with your email system to automatically block suspicious emails. But it isn’t foolproof and much of the work defending on attacks is on you to make that decision.
#3 – Pick a strong password
You’ll have no doubt heard this many times in the past but picking a password that strong can help stock cybercriminals from stealing confidential information. Just think for a second; if your work account has access to confidential data and has a simple to guess password, hackers will have access to a wealth of confidential information.
Follow these guidelines to create a tough to guess password:
- Make your chosen password at least 10 characters
- It should also include a combination of numbers, symbols and upper and lowercase letters
- Make a habit of changing your password every few months
- It’s tricky to remember loads of different passwords, so consider investing in a password manager. TechRadar reviews some of the best here. Google have launched their own
IT managers wanting to beef up their security measures might consider multi-factor authentication too, a process which asks users for one additional step before login, usually entering a temporary code sent to a smartphone or separate email address.
#4 – Connect to secure Wi-Fi
This is mainly for those that travel frequently or work remotely, but you should only consider using secure Wi-Fi networks for accessing the internet. This is because public Wi-Fi networks can open your device up to being intercepted by malicious parties monitoring traffic on the open Wi-Fi source.
A great way to secure yourself while on the move is by using a VPN. Speak to your IT department and see if there’s a VPN provider they can recommend.
#5 – Put up your firewall, no matter where you are
Using a firewall at work and at home or wherever you are is a great way to help prevent cyberattacks. Firewalls work by managing the following:
- Carefully monitoring web traffic – two-way firewalls monitor web traffic coming through your network but also monitors it as it leaves your network
- Helps block trojan viruses – firewalls proactively block trojan viruses from ever coming onto your machine in the first place, before they can cause problems
- Reduces keylogging – a type of malware is one that monitors keystrokes. The software transmits this data back to cybercriminals, allowing them to access things like your credit card information or login details to other confidential accounts.
The best thing to do is ask your business if they have a firewall in place and if a licence of it is installed on your computer and correctly configured.
#6 – Install the update, don’t put it off!
How many times have you seen an update come through for Windows, your anti-virus software or some other tool, and decided to put it off? In future, don’t. Make sure all your software is up to date with the latest version installed. Organisations will often, spot and rectify potential security vulnerabilities in their software and push out updates accordingly to prevent problems from arising.
If your IT team sends out instructions to update software, do this immediately. This really helps to ensure your devices stay protected and are insulated against the latest threats.
#7 – Make sure any third parties have stringent security measures
If you’re sharing data with a third-party organisation, make sure they’ve got adequate security in place to prevent unauthorised breaches from happening. This includes agencies you might work with, as well as consultants, temporary staff or other people that might have access to sensitive information.
Do your due diligence and ensure they’re doing their bit to keep your data secure. Ask them what security measures they utilise to keep data secure. If you’re unsure, ask your IT department for help and advice.
If you stop working with consultants, temporary staff or similar people, be sure to deactivate their accounts or access so they can’t continue to access your data.
#8 – Commit time to learn about cybersecurity
You should spend time familiarising yourself with the latest cybersecurity threats. While it’s unrealistic to expect you to become an expert in the matter, spending time learning about the latest threats and how to counter them is an effective way to avoiding costly security breaches.
Ask you IT department if there are any courses you can attend and make security something valuable to you and your team to ensure you won’t be the source of any major security breaches. In addition, if you choose to use your own device to access work-related content, ensure it has the latest security updates and follow the advice in this blog post to ensure you minimise the chances of a cyberattack.
Have you got any cybersecurity tips?
Have you got any recommendations or security advice to share? Let us know on our LinkedIn or Twitter accounts.
If you’re interested in reading more of this type of content, sign up to our mailing list here.