While advanced hackers may use malware, they often start by attempting to exploit the easiest point of entry. This typically includes phishing emails similar to the Google Docs email link that had Google on its toes recently.
If your employees leave events such as this unreported, the consequences could be devastating to your cybersecurity. With that in mind, let’s discuss some things you can do to mitigate your company’s exposure. From office culture to properly managed hosting, there are steps you can take to prevent a cybersecurity meltdown.
Is this problem unique to small business?
In fact, businesses of all sizes experience vulnerability from within. A recent report indicates that while roughly 40% of employees working with medium size companies hide incidents, the percentage drops significantly with companies of under 50 employees. This makes a great deal of sense. Here’s why.
Office culture plays a significant role in incident disclosure.
A smaller staff generally means a more easily controlled office culture. There are fewer people to educate or inform. This becomes evident when one looks at businesses of less than 50 employees. Here, the incident rate drops to roughly 30%.
The message one conveys to office staff is of paramount importance. It should be one of education, not punishment. Ask yourself why employees hide a potential breach. The answer is simple. Fear. If an employee is threatened with termination for such a mistake, it is clearly in their best interests to sweep it under the rug.
To summarize, take an educational approach to your cybersecurity office culture. Emphasize responsibility while reducing fear of punitive consequences. You’ll be amazed at the difference it makes.
Take reasonable security measures.
Start with basic password protection. Require that users re-log in after periods of inactivity. Restrict use of the office network for business. File sharing of a personal nature or access to inappropriate content begs for a security breach. When working remotely, employees should be working through a company VPN requiring a robust password.
Make sure your security software is up to date.
Set up appropriate firewalls and make sure that your IT department or hosting partner has an intrusion detection and monitoring system in place. Make sure that they are staying on top of anti-virus updates and installing patches accordingly.
Questions about your company’s cybersecurity?
If cybersecurity is an issue you’re giving thought to, give the folks at Beacon a ring. Call one of our team members at 336.447.3473 or send me an email. Better yet, take our FREE network assessment and let us help you understand your current state of vulnerability and what you can do about it.