News & Insights

 
Opinion17th January 2017

10 Cyber Security Measures Your Employees Need to Know

IT Security Solutions are essential, but their effectiveness decreases if the threat is inside your company’s firewalls. Due to this, the biggest cyber security risk your company faces is sitting in your offices. If employees unknowingly introduce malware into your IT infrastructure, it can be a nightmare to resolve the situation – no matter how good your IT services are. The best solution is prevention, which is why all professionals need to know these 10 cyber security measures.

  1. Stop charging personal phones off the computers

Most of us charge phones off our computers’ USB ports without a second thought. However, if employees are charging their personal phones, they could end up transmitting a virus. Some malware attaches to devices, and then auto-installs on any connected computers. As a result, no personal hardware like phones, network drives, USBs, or external hard disks should be used with company computers.

  1. Keep computers clean

All employees should ask the IT Services department before downloading programs to their computers. Even seemingly harmless programmes can disguise serious cyber security risks. Even if you just want to download Spotify to create an office playlist, all downloads should receive prior authorisation. Or, you could update your IT security solutions, and remove the option for users to install additional programs by themselves.

  1. Don’t click that link

If a link looks suspicious, it probably is. However, it might surprise you to learn it’s not only email links you should be wary of. Links on online ads, messages and attachments can also wreak havoc on your IT infrastructure and negatively affect IT business continuity. Even social media, a place where most of us are complacent about cyber security, has a spate of suspicious links.

  1. Lock devices when unattended

At Action Point we have a time honoured tradition. Every time a new employee joins the company, we give them a small test. Once they leave for the evening, one of their helpful colleagues checks to see if they’ve locked their computer. If they haven’t, they come in to work the next day to an inbox full of warning emails – from themselves. The importance of locking their computers whenever unattended soon becomes habit.

  1. Beware open WiFi connections

Finding free WiFi is usually cause for celebration. However, when you connect to an open network, the data you’re sending is exposed to all other users of this network. If this is sensitive information, problems can arise if it’s intercepted. Even worse, some networks are open specifically for this purpose. As a result, if you don’t know exactly where the source of the WiFi is – don’t connect to it on a work device.

IT Services

  1. Use proper password practices

One of the foundations of any IT security solutions should be password protection. Surprisingly, choosing a combination of letters, numbers and symbols makes little difference. Password composition doesn’t actually make a difference to strength, instead efforts are better focused blocking the most common passwords and using two-factor authentication. More advice on password protection is available from our partner Sophos, here.

  1. Report suspicious activity

If you think there’s cause for concern, make sure to immediately inform your IT services provider. Whether it’s a suspicious link, a pop-up that won’t go away, or something that you accidentally downloaded, it’s better to be safe than sorry. Once a virus is inside your firewall, the company’s IT security solutions aren’t nearly as effective. As a result, it’s important to be proactive with cyber security to protect your IT business continuity.

  1. Keep firewalls up to date

Your IT security solutions are only as good as their last update. As such, it should be company policy to regularly update anti-malware programs. While handling updates is usually included in IT services agreements, you should still be aware of any part you need to play. If any updates need to be initiated by a device user, make sure these are completed in a timely manner to remain secure.

  1. Don’t email sensitive information

If you need to share sensitive information like passwords, financial details or customer data, make sure you don’t do so over email. It’s far easier to intercept these than you may realize. Instead, use a secure file transfer system to encrypt the information and restrict access. As best practice, you should also implement this policy for internal emails as well.

  1. Scan for malware regularly

Initiate a malware scan of your device every week. Though it’s unlikely that malware would make it on to a computer if the above steps are followed, it’s always best to be certain when it comes to the security of your IT infrastructure. These are easily implemented, and while you complete work,  they’ll simply run in the background.

Want to find out more about upgrading your cyber security?

For more advice on improving your company’s IT security solutions, get in touch with our team today. We’re experts in IT services, and would be happy to discuss the actions your business can take to remain secure.