6 Ways Employees Might Compromise IT Security
October is National Cybersecurity Awareness Month, so what better time to bring up the topic? Company owners want to be able to trust their staff. Yet, 52% of employers have noted that employees pose the greatest risk to company security. Considering that nearly 68% of businesses admit that their security risks are growing year after year, it is imperative that employers be able to rely on their staff to uphold security measures – even when no one’s watching.
Consider these six common ways employees compromise IT security. Once you understand where your employees need more guidance, you can offer it to them in a way that makes them feel valued and supported – a win for them and your company.
1. Insider Malice
This type of security risk is the rarest on the list, but also the most destructive. Bad actors within companies cause upwards of 40 billion dollars in damages each year. These breaches often take longer to contain as well, leading to long-term consequences for the company.
This is not cause for distrust between you and your employees, however. In most cases, the attacks come within 30 days of an employee leaving the company, or during the 30 days directly following their departure. Take a look at your off-boarding policies and note where you can better protect yourself against any potentially malicious actors.
2. Using Public WiFi
Remote work has become common out of both necessity and convenience. This brings with it the danger of unprotected WiFi. Some employees may be linked to a public, building-wide WiFi network. They could also be using the public WiFi hotspot of a cafe or restaurant.
Any time public WiFi is used for company business, your data is at risk of a breach. Cybercriminals can eavesdrop on communications, swipe files, and distribute malware through public WiFi connections. Consider enforcing a private WiFi policy – and help your remote employees offset the cost as a sign of good faith.
3. Phishing and Surfing
52% of breaches occur due to some version of hacking. Phishing specifically accounts for 33% of security breaches. These attacks primarily come from emails and internet surfing.
Regularly update your employees with the latest phishing information. This will help your employees recognize fraudulent emails and ensure that they do not unintentionally supply a malicious hacker with important company information. You can also create a whitelist of accessible websites to reduce the chances of being attacked by hackers.
4. Unsafe Downloads
Similar to surfing, unrestricted downloading can result in the deployment of malware. Even those applications or files that seem harmless can be trojan horses.
Create a clear protocol your employees need to follow before downloading anything from the web or email. You can also set up your system to both instantly block certain high-risk employee actions and to perform a daily virus scanner to fish out any potentially harmful downloads.
5. Loss of Mobile Devices
Nearly half of companies are the most fearful of what might happen should an employee lose their corporate mobile device. Phones and other mobile devices are consistently left in public places like restaurant tables, bathroom stalls, and rideshare vehicles.
Unfortunately, the device’s security settings are often forgotten about, leaving all its important data free and accessible to anyone who finds it. Keep your risk low by regularly monitoring mobile device security settings and limiting certain accesses when devices leave the office.
6. Not Following Company Security Protocols
Unheeded security measures may as well not exist at all. Employees need regular reminders to help them uphold all protective protocols. These reminders can come via regular training, memos, or individual meetings.
If you feel that your company has become slack in its enforcement of proper security procedures, now is the time to pay closer attention. A little more focus on security now could mean avoiding a major breach in the future.
- Contact us today to learn more about protecting your business.
- Learn more about what business security means to us.
- Subscribe to our blog to stay informed about the latest security news and insight.
Stay up to date on security topics such as home alarm systems, business security systems, video surveillance systems, IP video networks, remote video monitoring, fire alarm systems, and fire alarm inspection.