IT Security is nothing to joke around about. Data breaches are costing companies billions every year – and with increasing external threats from hackers, business owners need to be at the top of their game. But what if your employees were actually to blame for putting your data at risk? We already know that a large percentage of data breaches occur because of employee error. Here are some employee habits that are compromising your business’ data and a few suggestions for what to do about it.
- Not signing out of their workstation.
When you work in an organization that deals with very sensitive data (say for example a healthcare organization or doctor’s office), your employees must be vigilant with their login information and workstation. When changing exam rooms, going to lunch or even just using the restroom, it’s important that your user lock their computer or sign off completely. While this might seem cumbersome, educating your employees on exactly what they should be doing this will help to ensure that it’s done throughout your organization. The CTRL + L shortcut will prompt a workstation to lock for Windows users.
- Using the same password for everything.
While it might seem simpler to your employees to have one password for all work access, this is not secure and if one password is compromised, it could compromise all of the access that user has. Rather than worrying about remembering multiple passwords for each web service your organization utilizes, consider using a password management tool like FastPass to manage all users passwords simply with one login.
- Not setting Auto-Lock on their mobile device (or a passcode).
BYOD is becoming increasingly popular and if organizations want to become more integrated, they need to embrace mobility. That mobility comes with a cost, however. Make sure that you have a passcode and Auto-Lock policy for all your employees’ mobile devices to ensure that unauthorized access doesn’t occur. Take it a step further by using applications that require separate sign-in for an added security measure.
- Using public computers to access company resources.
Organizations need to carefully control which networks, users and devices access their data and network. A lurking virus on a public computer could breach the firewall and cause issues for your organization. Make sure that your users only access your network from authorized devices to maintain the security that you’ve worked so hard to keep in place.
- Copy business files onto personal devices or USB drives.
While this isn’t typically a malicious activity, this is done very frequently. Make sure that you allow the appropriate access to enable your users to work on your company files externally without requiring them to be placed on an external device. This is a scenario when cloud storage or SaaS is very beneficial. An employee should never have to take a file home and work on it on another computer whose updates and security are questionable.
While business data breaches occur on a regular basis because of employee error, it’s absolutely preventable. By implementing strict guidelines and policies when employees are hired as to the handling of data and workflow processes, you can avoid most of the common errors that typically compromise a business’ data.