09 Sep 10 Ways your Employees Compromise your Business’s Security
The majority of your employees are probably all guilty of some of these security mistakes. Here are the ten most common security risks we have found employees to regularly be guilty of.
Identify these threats in your organisation and employ the correct solutions or education to stamp them out!
Outside The Office
- Using Public Wi-Fi – Many public wi-fi connections are unsecured – which could allow an outsider to snoop on the connection and intercept data. Connecting to a business VPN first over the wi-fi can mitigate this risk.
- Sharing passwords – Sharing passwords is dangerous. You can control who you share them with, but not who those people might share them with. This can come back to haunt you when a scorned employee leaves, perhaps with malicious intent.
- Using their own devices/hardware – Saving company data on personal devices is a security threat as these devices may be lost – or will eventually be sold/passed on or disposed of in a non-secure way. Connecting personal devices to the business network can also spread malicious programs and viruses to business hardware.
- Using the wrong cloud services – Employees may use services like Dropbox with the intention of working more productively, but what happens when their laptop is stolen or their easily guessed Dropbox password is cracked?
- Leaving laptops and mobile phones in vulnerable – Employees losing devices potentially results in your business’s data falling into the wrong hands – especially if the device has a weak or even non-existant password or lock code.
Inside The Office
- Using social media at work – Aside from being a drain on productivity, social media can also be dangerous. It can be used very effectively with click-bait to redirect users to malicious websites that download unsolicited software.
- Downloading and installing things without permission – Allowing employees to install programs on their work PCs can be a good thing as they install things which help them to work better. However, it can also lead to accidental install of annoying toolbars/advertising software – that hampers productivity. In the worst cases malware can be packaged with some downloads, putting your business at risk.
- Falling for Phishing – Too many employees fall for phishing emails and don’t treat attachments or links within emails with enough suspicion. These attacks can be extremely serious, stopping your business from working and even leading to total data loss.
- Choosing the convenient option – Employees will often save files to their hard-drive as it is “easier” than saving in the correct place. This leads to potential data loss in a disaster – as individual PCs are usually not backed up. If this was done on a laptop that is then lost, data is accessible to whoever finds it. If the data had been saved to the company servers or cloud solution then it is secure and usually easier to recover.
- Not installing updates – A lot of updates and patches are released to fix vulnerabilities in software. Clicking “remind me later” and not installing these can result in security vulnerabilities that could give a cyber-criminal access to your systems.
If you are in any way concerned about security, then please speak to us and we can advise you on how you can mitigate all of the above risks.