You understand the paramount importance of cyber security. You also understand that the weakest link in your security efforts is often your own employees. Through negligence, oversight, and simple misunderstanding, the people using your IT are the ones exposing it to the greatest amount of risk.
Luckily, there are ways you can improve user behavior and encourage the adoption of best practices, as we wrote about in part one of this series. But, in order to plug up every possible hole, you have to identify the location of every single leak.
For that reason, we have put together a list of the 10 most common ways that employees undercut corporate cyber security.
The Human Factor of Cyber Security
- Losing a Device – It’s common to leave a laptop in an airport or a phone in the back of a cab. The device can be replaced, but the data housed inside it can’t, and there is no telling who has access to it now.
- Password Sharing – This takes two forms – sharing a password across multiple sites or logins, or sharing a password with coworkers. In both cases it creates huge security liabilities.
- Bad Passwords – We are all guilty of picking passwords based on how easy they are to remember. But passwords that are easy to remember are also easy to guess.
- Lax Building Security – One unlocked door or cracked window can let an unauthorized intruder get into your building and gain direct access to your entire IT infrastructure.
- Weak Security Programs – Users can only be partially blamed for cyber security issues if the cyber security education and enforcement programs in place are ineffective.
- Phishing Schemes – These schemes are specifically designed to trick users into giving up access, and as they become more sophisticated and more subtle they also become more effective.
- Social Media – Facebook, Twitter, and Pintrest are littered with malware and click bait links to dangerous sites. Users also run the risk of inadvertently posting sensitive corporate information to their profiles.
- Lack of Patches – Keeping patches up to date is crucial for responding to new security threats. Too many employees choose to put off patching until it’s too late.
- Unencrypted Data – Encrypting data is a relatively easy and absolutely essential security measure, but also one that often gets neglected.
- Shadow IT – When employees access their own accounts or use their own devices at work it undercuts the entire cyber security infrastructure.
It can be maddening to realize just how easy it is for your own employees to put your data at risk. But if you take a proactive approach combining IT staff and cyber security technology, you can protect your data from even the most advanced threats. Get the help you need finding qualified cyber security professionals by working with The Squires Group.
