If you ask CIOs and business owners what keeps them up at night one of the answers you’ll hear most often is securing their corporate networks and their sensitive data.
However, the risks don’t just come from bad guys outside an organization; rather some of the greatest threats to an enterprise’s data security often come from the very people entrusted with protecting it–its employees.
Of course, that doesn’t mean workers intentionally compromise their companies’ networks and data. What it may mean, though, is that they haven’t received the proper security training, or the security policies of the business aren’t being properly enforced.
Here are four ways employees can compromise your network security–and what you can do to prevent it:
- Using Weak Passwords–Just one employee using a password like “password” or “123456” or “baseball” can allow a hacker to easily access your company’s network and valuable corporate data. The fact is it only takes 10 minutes for a hacker to crack a six-character password in all lowercase letters. If some letters are capitalized, it will only take 10 hours. Unless you create and enforce a strong password policy, your employees will be putting your network security at risk. You have to ensure that your workers are prompted to change their passwords at least every three months. Their passwords should comprise at least nine characters; a combination of uppercase and lowercase letters, as well a combination of letters, numbers, and symbols. The new passwords should also be different from employees’ previous passwords.
- Engaging in Social Media–Most, if not all, of your employees are probably spending some part of the work day accessing Facebook, Pinterest, Twitter and other social media sites. Although social networks are great for connecting with other people, links on these sites often contain embedded malware that, once downloaded, can compromise your network security. Not only that, employees might also inadvertently post sensitive company information on these sites. To protect your network, you have to institute a policy that prohibits workers from logging onto social networking sites for anything other than work purposes. Outside of work, employees should not access social media on company-owned mobile devices or via the company network.
- Misplacing Their Devices–It’s a fact of life, it seems–employees forgetting their laptops, tablets, and smartphones at the airport, the coffee shop, on the plane, in a taxi. You get the idea. When that happens, the data on those devices as well as your corporate network become vulnerable. The most important thing to do is encrypt everything on the drives of those devices, rather than specific folders or user profiles. That way, if an employee loses a device, or someone steals it, your data and your network will be protected.
- Going Phishing–One of the most common ways employees can compromise your network security is by opening email. Cybercrooks often infiltrate corporate networks via phishing campaigns. Phishing is the method of sending fraudulent emails to random users enticing them to click on links or download attachments that then spread malware or a virus to the their systems and through their systems to your entire network.To combat phishing, as well as other cyberthreats, it’s critical that you implement a security awareness training program–a formal process to educate employees about corporate policies and procedures centered around protecting company systems and data.
While your business security system will protect your physical assets, following these tips will go a long way toward securing your digital assets as well.
- Subscribe to our blog to stay informed about the latest security news and insight.
- Stay up to date on security topics such as home alarm systems, business security systems, video surveillance systems, IP video networks, remote video monitoring, fire alarm systems, and fire alarm inspection.