There are federal laws in place that ensure companies enforce a number of cyber security measures to protect themselves against cybercrimes. These laws are a great way to encourage businesses to stay up-to-date on preventative tactics. Unfortunately, these guidelines mainly address the more technical side of cyber security and don’t put enough emphasis on human errors.
In the 2015 Verizon Data Breach Investigation Report, it was estimated that roughly 65% of all breaches involved a user meaning that a person made a mistake. There are so many ways to accidentally cause an attack like this, but most employees aren’t well-versed in what they’re doing wrong that contributes to the vulnerability of their company. Here are some common human errors associated with cyber security and how to avoid them.
Lack of Securing Information
A multitude of websites require passwords and we all know better than to write them down on a piece of paper in our office, but many do it anyway. It’s hard to keep track of so many passwords, especially when we tend to have different passwords for different sites. To secure handwritten passwords, keep them somewhere inaccessible to anyone other than yourself. The same goes for any sensitive information you may have lying around on your desk. A better way to keep track of all passwords and other sensitive information is to use a storage safety app or software to securely keep track of usernames, passwords and confidential information.
When sending company emails, make sure they are sent over a secure network. This helps to avoid potential hackers from easily accessing them on your computer or someone else’s computer. If you’re unsure of whether there is sensitive information in an email you are sending, send an encrypted email to be on the safe side. No harm, no foul.
Simply put, don’t share passwords with others. There’s no point, and it could lead to a long list of others suddenly acquiring personal or company information. The same thing can be said about unencrypted information.
Not Reporting Lost or Stolen Items
It’s unfortunate to lose your phone, computer or tablet. It is even worse when someone hacks into them and causes an information breach. If anything happens to your electronic devices, make sure to immediately report it to the proper authorities. Your mobile company can deactivate your phone and sometimes even wipe the information off your device. Plus, it allows authorities to keep an eye out for your stolen items and potentially catch the perpetrator.
One major aspect of human error is the lack of employee training. It’s not an employee’s fault if he or she isn’t trained properly on how to handle sensitive information. Make sure to have ongoing training so everyone is up to date on the newest cyber security measures. Training should be interactive, personal and practical to ensure employees pay attention and understand the material. Practice makes perfect, so make sure training is provided and send out monthly training tips in a company newsletter or email.
Redbud is a cyber security placement agency sought out by leaders who recognize the need to attract the best cyber security talent. Through Redbud’s extensive network of relationships, we can identify and secure individuals that represent the top tier of cyber professionals. Contact us for more information.