There’s no question that cybersecurity is an important part of managing a business, especially with so much technology in your office. Yet, the real challenge comes from making sure that your employees know and understand best practices, and are willing to adhere to them. Here are some easy ways that you can help your employees understand just how important IT security really is.
Change Passwords Frequently
Password security is a big problem for both the commercial and domestic computer user. Too often you see stories about users having passwords like “password” or “123456.” To help your team avoid this, create a handout that has the following best practices on it:
- Make your passwords long (at least 16 characters). The longer, the better, as this makes the passwords more difficult to guess.
- Make your passwords complex. Use a plethora of special characters, numbers, and both upper and lower-case letters.
- Never use the same password twice. When a hacker steals a password, they may try to use it on other related accounts.
Of course, a password manager makes these tips much easier to accomplish; particularly one that allows you to share passwords across your organization’s network. You can group together users and distribute credentials as they’re needed, synced in real time to their devices. As a bonus, you can use complex passwords without the frustrations of forgetting and remembering them.
Watch Out for Spam
Hackers will often spread spam in the hopes that someone will slip up and offer important credentials or personally-identifiable information via email or phone call. We’ve outlined a couple of common spam situations below, so that you know what to look for:
- A big congratulations: If you get an email saying that you’ve won the lottery or a big winner who needs to claim the prize, you can disregard it as spam. In general, if something is urging for immediate action, you might want to think twice about what it is.
- Fake law enforcement threats: Hackers know that people are intimidated by the authorities, so they will create messages claiming to be from the FBI or local law enforcement. They will then declare that you have done something wrong and that there is a fine. Messages like this use fear against you, so be careful not to fall into the trap.
- Spear phishing tactics: These are tactics in which hackers will target specific users and tailor their attacks to the individual. Details to look for could include customized phone numbers, addresses, and personal information regarding their schedule or workplace. Since the attacks don’t look like generic spam, they can fool users.
- Whaling schemes: These are top-tier social engineering threats that almost don’t classify as spam due to how dangerous they are. Whaling schemes, or CEO fraud, is when a hacker impersonates the business owner in an attempt to get financial departments to wire transfer funds to offshore bank accounts. Look for inconsistencies with email addresses, or simply ask the one who has sent the message, if it’s a real request or not.
Many of the above email threats can be mitigated with an enterprise-level spam blocking solution. Spam blocking keeps suspicious messages from hitting your inbox in the first place, which increases the chances that your employees won’t see them at all. However, there are still some that might manage to squeeze past filters. Therefore, the only real way to prevent these problems is by taking proactive security measures.