When it comes to cybersecurity threats, some of the biggest worries for your organization might actually be in plain sight. Here are five often overlooked digital risks to your office and what you can do to reduce them.
Lax cybersecurity training
A serious weakness in a workplace cybersecurity strategy is the people. Specifically, it’s how well and how consistently you’re trained on digital security essentials. Therefore, standardized training is key to getting everyone on the same page about serious issues. Even with all the anti-virus and anti-malware software available, a good human element is still essential.
Poor password hygiene
When it comes to office culture and cybersecurity, poor password hygiene is especially worrisome. That’s why a password manager is always a good idea, even in an office. Multiuser plans give you the means to create and store your own passwords. Don’t forget to make those passwords long and strong to better secure your accounts. Without solid passwords, it won’t make a difference how easy it is for you to remember them.
Not taking updates seriously
Online security breaches like WannaCry exploited out-of-date software. Help prevent criminals from exploiting a vulnerability or back door in your office network by staying on top of software updates. Setting everything you can to auto-update daily at a convenient time, could help make your office safer.
Insecure personal devices
BYOD culture — or bring your own device — can be good for employees and employers alike. It lets you perform your duties in a digital workspace you already know. For employers, the lack of a major learning curve and a bump in productivity are welcome.
What’s less welcome are the security risks a BYOD culture brings. So, don’t be alarmed if your employer needs to add stronger security measures like company-wide anti-virus software and protocols for data backup. All these steps are designed to keep your office operating safely and efficiently in today’s digital environment.
Avoid phishing scams
Thieves will try to trick you into clicking on emails that look like they’re from known sources like a manager or coworker. This is a phishing attempt designed to get you to reveal personal or corporate details. Don’t take the bait. Instead:
- Check the sender’s email address. The address may be so similar to a real person, you could easily overlook a fake (e.g. Mike.Smith@anytown.com versus Mike.Smith@anyt0wn.com).
- Check the greeting. Would your supervisor refer to you as ‘Dear Sir or Madam?’ Likely not. Delete the email.
- Read the email carefully. Don’t click on links that redirect to unfamiliar sites. Also, look for requests to perform unusual tasks like money transfers. If in doubt, go directly to the source for confirmation.
The advice provided is for informational purposes only.
Article provided by Local Government Federal Credit Union. Additional content courtesy of National Cyber Security Alliance.