Security and Staff – What’s the Connection?

In a business environment where security is paramount, online security is so very important. In generations before now, the only real worry about online security was virus infections, however now we’re having to face a plethora of issues including phishing, identity theft, spyware and the list goes on. Additionally, we have to think about internal security threats such as disgruntled staff, forgotten passwords etc. So, how do we boost online security?
1. Education is the way forward
Unfortunately, simply relying on technology alone won’t solve our fight against online threats. Therefore, educating your team members about online threats and its impact is an important process to implement. The easiest way to integrate this would be within the induction period when a new member of staff joins the business. For those long standing members of staff, perhaps organising a short training programme on online security is the best option.
IT Security Guru has stated education about cyber security has become so important, there are now considering plans to start teaching it from Secondary School .
2. Strength in password
Gone are the days when you can use simple passwords such as ‘123456’ or ‘qwerty’ or the old favourite ‘password’; passwords now need to be complicated and virtually impossible to guess. CBS News have identified that ‘123456’, ‘password’ and ‘12345678’ were the most common favoured passwords of 2013 – doesn’t bode well for security does it? Therefore, the organisation must implement a strong and stringent password policy which integrates rules such as using multiple characters, regular password changes and the password should never be shared with anyone.
Also, something else to bear in mind is that there should be a common ground between an easy to crack password and a policy that is so complicated to the point, where people will actually forget their password and then they will start to create patterned passwords, for example, ‘November1’, ‘November2’ and so forth.
3. Automating multiple accounts
Most employees have more than one account, a study by Experian shows that on average employees have around 40 accounts. Naturally, the more accounts a user has, it becomes easier for them to for them to forget passwords, which puts them even more at risk of attack. Introducing software such as password and identity self-service, will help manage these multiple accounts.
4. Feedback
In order to gauge the correct feedback, we must ensure all member of the team are in open dialogue regarding both current and potential online security fears. Having these sort of meetings will help and empower the team to protect theirs and the company’s data. Both new and existing staff need to understand the importance of sharing concerns regarding online security.
5. The element of personal and team responsibility
Essentially, people need to start thinking about their online security at work, as their own and take some onus on it. Through this, a culture of confidentiality will be created where employees will think ‘actually, online security is my concern’ and that employees will feel a sense of responsibility towards protecting sensitive corporate information. Industry leaders, Cisco identify that taking on personal responsibility will ensure a safer online environment. Simply put, it’s about create a wall against online security threats and ensuring that the wall doesn’t get broken down by any of these threats.
Making sure the company’s information and data is kept safe and secure is in the interest of everyone within the company and therefore it is important to ensure everyone is doing their bit with regards to their security.
Fundamentally, everyone in the business from Board Directors to Sales Managers to Administrators need to understand the importance of working together to combat data security, and that the business success lies within ensuring key data isn’t hacked into and the company continually protects themselves against online security threats.
The lesson that should be learnt is if you have disgruntled employees within the business, uncovering critical security issues isn’t that difficult, therefore in order to ensure high levels of security, keeping your team happy is the way to go!