In light of recent news your company has probably, hopefully, made securing your network a top priority. While the rest of your IT team is looking at how to protect your network from external threats- you can be one step ahead and make sure you are protecting your network from what experts are saying is the biggest threat- YOU.
Think back to how many times you have sent sensitive information to or from your personal email account. How many times have you taken home files, sent things to a cloud account, or created an account for something at work with a super easy, or heaven forbid recycled, password? You’re not alone, over half of all upper-level management, and about a quarter of lower-level employees, have confessed to the same security-sins. Now, just because everyone is doing it doesn’t make it okay- in fact, that makes it even worse. It means that hackers have several different methods they can exploit to get on to your network and lift information and go unnoticed.
How can you hedge this?
Now that you know you, and everyone else, are security risks you can put policies in place to diminish the chances of a hacker gaining access to your network.
- Password Policies- Why more than one? Without getting too technical and putting you to sleep- the shorter the password the easier it is to hack. If you are just running a password cracker on a weekly basis and requiring users to change their password you are basically putting sunscreen on after a day at the beach. That is to say, the damage has probably already been done. Requiring smart password creation and lengthy passwords for upper-level management with access to more sensitive information is your best defense in keeping password hackers out.
- Informed Users– It’s not enough to create a password policy if no one follows it, or doesn’t take it seriously. You might want to consider holding a short seminar on why smart password creation is important to making sure the company remains secure. We have created a quick Slideshare to save you a step. You can also download a Whitepaper that outlines the presentation if time is not available for a presentation.
- Secure BYOD Network- Is your BYOD Network secure? Are users looking at unsecure websites from their devices or workstations? While social media is now an important part of marketing for a large portion of companies it can also be a big distraction and an even bigger open door for hackers. Make sure your BYOD friendly network is secure.
- Pay Attention- As the article from Mashable.com cited- carelessness is a major cause of weak and unsecure networks. As an IT professional, sometimes you are the only line of defense between a hacker and your company’s files; as if you don’t have enough to do. Creating smart rules and making users aware of things they can look for to make sure the network is safe will be a big help to you, and will also keep users accountable for their actions on the network.
Want to read more about employee induced security threats? http://mashable.com/2014/01/20/cybersecurity-threat-survey/