Human error is the number one factor in cybersecurity incidents. Human error was involved in over 90 percent of all data breaches according to a 2014 study. Your job as a small business owner is to address the potential for human error at work to keep your company, and its employees, safe online.
Emphasizing the importance of cybersecurity with your employees is your first step. Outlining an online security policy for your employees is the next. Edward Granlund, a diligent student, actively completing a degree in Cybersecurity, outlines next steps below:
Identify Technically-Minded Team Members
Not all of your employees are going to be computer experts. Some aren’t even all that technically-minded. This is where information technology staff come in handy. If your business is too small to support a separate hire for this function, assign it to those with more advanced technical skills.
Set Standard IT Operating Procedures
With or without an identified IT professional, your company will want to have standard online operating procedures to help protect your company from cyber threats. Establishing internet use guidelines for your employees involves:
- Selection of computer security software to be used across the company.
- Updating of anti-malware and antivirus software regularly.
- Managing passwords to keep them strong and secured.
- Securing computers and devices physically, locking laptops when unattended, logging out on handheld devices.
- Scanning all incoming storage devices (e.g., USB drives, DVDs).
Advise your employees to report immediately any computer or storage devices that get lost or stolen.
Train Your Employees to Protect Against Phishing Attacks
Online “phishing” scams that target the confidential information of companies like yours continue to dupe unsuspecting victims. “To make sure your company isn’t one of them, you should regularly remind your team of the basics in protecting against such attacks,” suggests Granlund.
Basic protection against phishing includes:
- Identifying fraudulent online communications, links, and sites.
- Going directly to official websites rather than linking through “urgent” emails.
- Never entering confidential data into pop-up windows.
- Confirming seemingly internal communications with the presumed sender.
Because scammers can also call your employees to mine them for sensitive information, remind them to guard confidential data whenever they receive a suspicious call. They should only give out account login information to people they know and trust.
Security experts also suggest full-scale simulations of phishing attacks, both to familiarize your employees with scam types and to sharpen their response to them. By running such tests, you also get a sense of any possible cybersecurity “weak links” in your system (or on your team).
Take an Active Role in Protecting Your Company
The best way to keep your company safe from cyber-attacks is to be continuously active in protecting it from online criminals. To stay on the front line of online security:
- Regularly remind your employees of the importance of staying safe online.
- Ask your employees to report anything suspicious immediately to you.
- Encourage setting of company and employee social media account security at maximum levels.
- Be continuously available for cybersecurity-related questions.
Most importantly, respond quickly to any indication of an online data breach at your workplace.
By following these simple guidelines for setting up internet rules for your employees, you should be able to keep your company safe from malicious attacks online.
About Edward Granlund:
Edward Granlund is a diligent student, actively completing a degree in Cybersecurity. He skillfully retains his technical competence while the artistic, social, and adventurous facets of his personality flourish. An avid skier, CrossFit devotee, and gifted stock picker, Edward regularly embraces opportunities for personal growth and, because of his innate talents in cybersecurity, his remarkable workplace skills continue to thrive.
Edward Granlund around the web:
-PayAnywhere: “How to Protect Yourself Online”
-OPSWAT: “10 Things to Include in Your Employee Cyber Security Policy”