Keeping up with the latest Cyber Security breaches can be a daunting task, however there are measures that you just can’t skip following. If the business you work for doesn’t have an IT or Cyber Security service provider, it can be tough. Not only that but you will be held responsible if you slip up and become the reason your employers data is breached. Here are our 9 Things Your Boss Expects You To Know About Cyber Security…
1. Protect business data
Although protecting personal data has been a message told timelessly over the years, protecting business data should be equally important. Simple mistakes such as sharing images with sensitive business data in the background could wreak havoc on Cyber Security. This is why it is also vital for staff to have thorough security training.
2. Use a strong password
As is required of your personal accounts, this is especially relevant to business accounts. Your password is your first wall of defence, and should be strong.
So if you are currently using your Facebook password as your password for business accounts, consider this your warning.
If criminals break into your account this could not only jeopardise your company data, but may also allow access to the company’s network.
3. Connect to secure Wi-Fi
In order to limit the threat opportunity, business Wi-Fi should be used exclusively for that purpose – business. Bringing your own device (aka bringing your own disaster) poses a world of threats which are unlikely to be monitored. This is because it may not have the security measures in place that your business device does. In terms of the Wi-Fi itself, company Wi-Fi should be secure, encrypted and hidden. If using a company device outside of the office, public Wi-Fi is out of the question as it carries too many security risks.
4. Beware of questionable links
For most who have long used email in their business, they will have been touched by phishing in some form. Phishing is the number 1 way hackers try to steal data, and it only takes 1 click from 1 user to allow hackers access. Phishing involves attempting to fool employees into clicking on malware infested links, or entering sensitive data into fabricated forms which pose as being authentic. Despite these being the most common ways, it can be executed in a variety of ways, and scammers are constantly finding new tricks.
When something seems off, be cautious, and contact your Cyber Security experts immediately.
5. Not to ignore software updates
If your company doesn’t have a provider to carry out patch management, you can’t afford to ignore those pop-up notifications for software updates. Although it may seem like an unnecessary chore, updating software is key in defending systems. This is because software updates, including anti-virus software, is often designed in line with the latest flaws threats. They are constantly revised and improved accordingly, so failing to update software means you are failing to allow it to perform to its full capacity.
6. Take the time to get to know your business’ security policies
Most proactive companies have measures in place, and may have some training for staff. As an employee, it is your responsibility to reciprocate the cautious mindset. This includes following any security policies, and making the time to comprehend training provided. As for any personal devices, the same policies should be applied if you share any business data to your personal device (which we do not advise).
7. Enable Firewall protection
Ensuring a Firewall is enabled is critical. It is one of the first lines of defence between your device and the web. Firewalls work by preventing unauthorised users from accessing information that would otherwise be inaccessible from the web (mail services for example). If your employer has an IT service provider such as us, disabling the Firewall would be a process that individual employees would not be able to perform. This is to close any loop-holes which employees may accidentally go through, causing a security breach.
If working from home, installing a Firewall on your home network is also a measure you should heavily consider.
8. Employ third-party controls
As an employee, if you have any access to company data, you may be one of those in charge of protecting this data as a result. It is not uncommon for data breaches to begin from within. In the instance that your company data is also granted to third-parties, such as consultants, it is important to restrict their access to the company network.
This also applies to former employees. Access should be deactivated when they finish the job.
9. Know how to respond in the event of a Cyber Disaster
Knowing how to respond in the event of a Cyber Disaster could be the difference between saving the situation, and losing everything. Your business may have a policy in place to follow, however, in all cases the first thing which you should do is report it to a senior and immediately contact a Cyber Security expert.
Without IT or Cyber Security support, it is your responsibility to keep up to date with best practices.
If you want to read up more on Cyber Security, you can check out our previous blog posts, where we detail information you may need to know, and update it regularly.
In the event of any Cyber Security concerns, you can contact us immediately on 01738237001.