5 Tips for Your Employees to Keep Your Workplace Safe Online
Your data is a prime target for bad actors. How can you help your employees to keep your workplace and its most valuable asset, its data, secure? We've rounded up some best practices to help you.
5 Tips for Your Employees to Keep Your Workplace Safe
Lock it up, and remember 2 is better than one.
Your organization may have multiple locations and may even have some employees working remotely from home. No matter where company devices are located, each device should be properly secured with a password that contains both numbers and letters and special characters. Best password practices suggest that a password should be at least 13 characters long. And make sure each password for each device is unique. To back this up with even more security, especially for critical applications and accounts, employees should be required to use two-factor authentication. Oftentimes, this will mean an employee will sign in with a password and then have a second code sent to them via a text or email on file to ensure the software is only being used by an authorized user.
Don’t connect your Internet-connected smart devices to your work WiFi network.
This includes personal smartphones and watches. Yes, employees can still get their steps in. Just make sure that their Fitbit can’t be used to infiltrate your network as a whole. For example, hackers once used a fish tank thermometer to hack into a casino. Advise employees to leave their smart devices at home, or provide a guest network that doesn’t have the same access to where your organization’s sensitive information is stored.
Don’t use smart assistants in the same room where sensitive or private meetings are taking place.
Let’s face it: we love Siri and Alexa. But here is the thing: they are always listening. Smart assistants are inherently insecure because it is literally their job to be listening for that “awake” word. They can also record what they hear. If you are having sensitive conversations, they may be picked up, saved, and heard by employees of the smart assistant’s parent company. This can be of particular note for employees who are working from home. Instruct employees to disable their smart assistant’s listening mode or make sure all are aware of the possibility of being heard.
You can’t protect what you don’t know about. Be sure to set up processes that actively track all hardware and software assets within your workplace. An active discovery tool or software inventory tool will be able to easily identify connected devices to your network and help automate the documentation of all software on business networks.
TRAIN YOUR EMPLOYEES!
We know we’ve said it before, but it simply cannot be stressed enough. Your employees are both your weakest link and your strongest shield against cyber-attacks. Make sure they are knowledgeable about phishing scams and know not to click on suspicious links or emails. Make sure employees know how to spot red flags like fraudulent URLs. Train them to use bookmarked links for logging into sensitive sites rather than links within an email. Phishing scams are some of the most common ways online criminals can get access to your network and contacts. Hackers will spoof or mimic an email address or messaging account you trust (usually family, friend, or a coworker) with an attachment or a link to something for you to click on. When you do, the hacker can use it to download malicious software to your computer, steal your information, and get your passwords and other sensitive information.
These practices will help keep your workplace safe from bad actors who seek to do your organization harm. In conjunction with pim’s businesss IT solutions (BITS), your workplace can be best set up for IT security. Industry data shows that network and system threats can be addressed ahead of time, downtime and costs can be dramatically reduced. Our advanced managed threat response, powered by SOPHOS, has advanced threat hunting, detection and response capabilities that takes action to neutralize threats. BITS helps to achieve maximum computer system productivity while reducing the burden of day-to-day IT management through system management services (SMS), help desk support, assets reporting and management, monitoring, and encrypted remote tools.