Cyber crime is one of the biggest threats to businesses in the 21st century and can be extremely costly if your business falls victim to it. In fact, it could put you out of business completely. Once upon a time internet security was the sole responsibility of IT departments, but nowadays every employee has a responsibility to ensure your company is kept safe.
Cyber attackers strike if they think there is a financial gain to be made, and companies are extremely good targets. Employees being lax with security details are like manna from heaven for cyber criminals, as they can gain access to systems and potentially to finances, commercial-in-confidence information, proprietary knowledge and other valuable information.
Having sound internet security policies and procedures in place can help to ensure that your company doesn’t become a victim of cyber crime. Here are some of the best ways to manage it.
1. Update and enforce your organization’s internet use policies
Give your staff clear guidelines about how they can use internet on company time and on company computers. This should include checking and sending personal emails, appropriate use of company email, accessing social media accounts and other entertainment websites.
2. Keep software patched
Vulnerabilities in older versions of software can be exploited and give cybercriminals a way to access your company. Not only should operating systems, such as Windows, be regularly patched, but other technologies that use the internet should be too. For example browsers, Flash, Quicktime and Java should always be up-to-date.
3. Educate your employees
Employees should be appraised of not only the risks, but the consequences of a lack of vigilance with internet security. A good way to communicate this message is via DeskAlerts, an internal communications solution that allows you to send messages to every employee in your company at the same time via pop-up notifications. It can be used to successfully run an education campaign, or alert everyone when there is an active threat.
4. Password security
The simpler a password is, the easier it is for criminals to guess. Best practice is to mandate employees use complex passwords with a minimum of at least eight characters and requiring numbers as well as capital letters or symbols. Passwords should also be changed frequently.
5. Set minimal privileges for users
If your organization still allows employees to have administrative privileges on their computers, you are running the risk that malware and other malicious software could be installed, compromising your systems. Users should only be given the minimum amount of administrative privileges that are required for them to carry out their jobs.
6. Take care with personal devices
Some organizations allow employees to bring their own devices. This isn’t necessarily about computers, but can include tablets and smartphones that have access to the company’s systems. If this is the case in your company, you need to be very clear about the importance of security and strict about enforcing rules around downloading and installing software and apps, securing sensitive information and following best practices with passwords.