Do you have a Cyber Aware Workforce? If you find yourself thinking on this too long, the answer is most likely – No. With more security breaches caused by human error than IT gone awry, everyone in the business needs to be cyber aware, not just the IT department but from the very bottom to the top of your business and everyone in between. For your business to be successful when it comes to data security, it’s essential to have this awareness instilled in your workforce from the get-go – there’s little use in waiting for something to go wrong before you do anything to avoid it going forward. Act now!
Your workforce doesn’t even need to be IT gurus to understand how to be cyber aware; basic knowledge of online security combined with some work on policies and procedures is all that is needed. It really should involve no more work than any other company function you’ve completed beforehand. To get you started, here are some steps you can take to help build your cyber aware workforce and help ensure that your workforce stays smart about security.
Implement Plans, Procedures & Training
To begin creating an aware cyber workforce your business needs to implement security policies and procedures that cover the aspects relevant to your business that include the acceptable and safe use of the business systems. These should be plainly explained, accessible to all workers and understood by all. Such documented policies and procedures are indispensable, but their success lies in their implementation.
Compulsory training for all workers on cybersecurity is critical. Engaging workers in regular training will ensure they retain this information, but this training needs to be engaging too. By doing this, you also encourage your workforce to possess a sense of ownership when it comes to cybersecurity, promoting a culture of confidentiality where all workers feel they must protect the sensitive information of the business and ensuring you have a cyber aware workforce.
Shred those sticky notes – be password safe.
It may sound like a bad joke that employees put their passwords on sticky notes, but this is still common practice. Leaving notes like this puts your business at enormous risk. To ensure a cyber aware workforce, you will need to have strict rules when it comes to passwords. Therefore, there should be a strong password policy in place so to protect your business. Some examples of this include:
– Using a Password Manager to remember passwords.
– Use the 8+4 Rule (Use eight characters with one upper and one lower case, a special character like as asterisk and a number.)
– Use Unique Passwords for Different Accounts.
– Change passwords regularly.
Beware of all Emails
Many businesses will invest a lot of money into the top of the range security systems but forget the importance of the small stuff – emails. A point which a lot of businesses forget to educate their workforce on when it comes to cybersecurity. After all, any system can easily be accessed if due diligence is not given and the wrong action is taken with emails, attachments and hyperlinks. We talk about this more in our blog ‘Worried about your Data Security?‘ but here is a quick summary. To begin, be conscious of the source of all emails you receive, double-check the sender, even if the email looks to be from an individual you would trust. If the emails ask you open any attachments, then think twice! If in doubt, ask the person directly to ensure it is all above board. Finally, never include sensitive data in an email, such as passwords or personally identifiable information. If such information needs to be shared, always use an encrypted file service. Ensuring your employees are aware and vigilant of this will ensure you have a cyber knowledgeable workforce.
Simply lock your computer.
Perhaps the simplest of all steps but yet one of the most effective is to merely insist that workers lock their computers then away from their desks. This goes a long way in keeping intrusive eyes from using your computer, installing malware, or seeing something they shouldn’t. It takes mere minutes for someone to complete an activity on a computer that can leave your business exposed. Locking a computer is simple and listed below, so there are no reasons not to insist your workers do this.
– Press the Win+L key combination on the computer keyboard.
– Click the padlock button in the lower-right corner of the Start button menu.
Cybersecurity is something all businesses need to be aware of, especially in light of GDPR which comes into effect on May 25th. Taking steps to building a cyber aware workforce is an integral part of this and is something you need to begin, not tomorrow, or next week, but today! You can also ensure your payroll is ready for May with our GDPR Control Module for Payroll Software Megapay. This new module underpins the latest EU protection regulations but supporting requirements such as the right to forget, subject access request and more. For further information, contact our sales team.