Blog

Cybersecurity in the workplace should be important to everyone, not just the IT department. But no matter how many safety and security guidelines you’ve set in place to avoid cyber threats in the workplace, they won’t do you any good if your team isn’t aware and paying attention. The safest and most secure work environments occur when employees, at all levels of the organization, understand and adhere to best practices. At the end of the day, nobody wants to be the one that cost the company thousands (if not millions) of dollars because they clicked somewhere they shouldn’t have.  You can easily protect your staff and customers from cyber threats and privacy breaches by following these five best practices.

Create a password policy with multi-factor authentication – To better secure end user identities, multi-factor authentication adds a layer of security by combining two or more independent credentials. For example, you verify your password by utilizing a security code that gets sent to your phone via text. You should also create mandatory rules for employee passwords that require a level of complexity, and password rotation. In addition, multi-factor authentication should be applied to all users, networks, applications, and servers.

Learn how to identify a phishing email – According to Verizon’s 2018 Data Breach Investigation Report, 93% of data breaches are linked to phishing and other social engineering incidents. Check the email for spelling or grammar errors, validate the sender email address, and ask yourself if this email is relevant to you. If anything looks suspicious, err on the side of caution and delete.

Think before you click – Hyperlink scams use tricks like subtly misspelling the original website, asking for some sort of favor or compensation, and can be an extended or shortened link. Carefully hover over any embedded links in a message to see where the URL will actually be taking you. If the link-to address is for a different website, this is a big red flag.

Be cautious with attachments – As mentioned above, it’s important to validate the sender email address and if the email looks in any way suspicious, never click to download the attachment. It’s also important to remember not to open any e-mail attachments that end with: .exe, .scr, .bat, .com, or other executable files you do not recognize.

Provide continuous training to employees – Training employees, not only when they are hired, but continuously, will keep security top of mind. Security awareness training programs and simulated phishing tests are a perfect way to keep employees on their toes and remind them what to look out for.

While all employees should do their best to understand and implement best safety practices in the workplace, it’s up to managers and business owners to ensure their employees have the training they need to reduce risk. IT Resource can assist in security training to avoid cyber threats in the workplace. If you have any questions about security solutions, give us a call at 616.837.6930, or email our sales department and we’d be happy to lead you in the right direction.