With the ever-changing threat landscape, ensuring your organisation remains secure can be a mammoth task. It’s important to clearly communicate the potential impact of cyber incidents to your employees, as most may not even realise how their behaviour and actions could significantly impact your organisation.
To help raise awareness, and to make sure everyone is playing their part – after all, everyone has a responsibility, it’s not just down to the IT department – here are some basic tips to share with your employees. As these tips aren’t technical, they can be put into practice right away.
1. Hide login credentials
These need to be kept private. Do not share them with anyone and, more importantly, don’t write them down anywhere or leave them on a Post-it note on your monitor. Anyone who walks past your desk will able to see these, and even without malicious intent, you are compromising confidential data in an unnecessary and preventable manner.
If you do need to share your login details with a colleague – if, for example, you’re using a shared account – consider using a password manager that will store these credentials securely for you.
2. Lock your computer
Simple but important: when you leave your desk, even if it’s just for a few minutes to make a drink or use the bathroom, remember to lock your computer. You might be blissfully unaware of, for example, the contractor in the office. Data could be extracted in a matter of minutes behind your back.
3. Use a secure Internet connection
Using free, public Wi-Fi opens you up to a multitude of risks. If you log in and work on your commute, consider the risks that you are opening yourself up to and take caution. Cyber criminals could be lying in wait to steal whatever it is that you’re working on.
If you are working with sensitive data, consider using a VPN (virtual private network) or, if possible, work locally on your device without connecting to the Internet. Also, if you’re working in a public place, remember to use a privacy screen protector – you never know who’s looking over your shoulder.
4. Think before you click
Don’t click in haste. When we’re busy, we tend to skim read. This is an accident waiting to happen. Employees inadvertently click links without stopping to think about what they are doing. Careless actions, simple mistakes – call them what you will – result in data breaches. These preventable occurrences can have a severe, negative impact on your organisation.
For more information on phishing, read our blog 7 ways to detect a phishing email – with examples.
5. Familiarise yourself with internal policies
This sounds very straightforward, but it is critical. You have to familiarise yourself with your internal cyber security policies. For example, do you know who you should report an incident to? And if you have a question or concern, do you know who you should ask or talk to?
If you’d like your employees to learn more about information security best practices, consider taking a free trial of our Information Security Staff Awareness E-learning Course.