The safety and security of your company’s intellectual property and the confidential data that you routinely collect, store and use may not be as robust as you think. As the owner or manager of an organization that maintains information subject to HIPAA privacy regulations or data that would destroy your bottom line if competitors got hold of it, security should be a top priority.
It’s especially crucial to consider what may be the weakest links in your company’s cybersecurity—your hackable employees. Given the fact that 93% of workers say they practice at least one severe form of data security (according to Entrepreneur) and that 23% of employees would steal data from their job, you will want to take a closer look at your organization’s security protocols and correct any weaknesses.
Common Aspects of Hackable Employees
Work with your Information Technology professionals to improve your organization’s security by focusing on the following five aspects of poor data management.
The bane of corporate IT departments, “shadow IT” refers to the practice of employees downloading unauthorized software for use on their work computers. They might have no ulterior motive to harm the company, such as wanting to use a new Web browser or a program to watch movies or play music during breaks.
But failing to consult with IT and get permission to install software exposes your company to malware that could lead to identity theft and other cyber crimes.
Employees who are lazy or who just do not realize the importance of using strong passwords can expose you to hackers bent on penetrating your network, vandalizing your website and stealing confidential documents.
Have your IT department remind each worker about setting up stronger passwords, using numbers and letters and some uppercase characters. A convenient way to make a difficult-to-guess password is to have employees come up with a phrase and use the first letter of each word such as “Let’s go to the beach Saturday at 3” to make a password “LgttbSa3.”
Access Continues Following Termination
Just as you would demand the key to the front door from a worker who is leaving your employ, you should always cut off their access to your computer systems. Change the employee’s computer password promptly (don’t forget to adjust the email login credentials and the password for voicemail).
Personal Cloud Computing
Cloud computing makes it easier for employees to share information with one another as well as access their own files from different devices. Unfortunately, workers may be tempted to upload sensitive company data to their personal cloud storage accounts, which will likely not have the same robust protection your IT department implements for the official cloud computing services you rely on.
Vulnerable to Social Engineering
Your IT staff should instruct employees not to write their passwords down on sticky notes attached to their computer monitor or on scraps of paper in the top drawer of their desk. A visitor may wander by the office and take note of the password.
At the same time, IT should remind workers not to give out information on the phone to strangers that could be used to guess passwords. Social engineering helps hackers figure out passwords that then give them full access to a company’s proprietary information.
For more details about how your business can protect itself against computer criminals stealing data because of employees failing to take security seriously, the team at Houston’s CITOC is standing by to assist you. Contact us at (713) 490-5000 or firstname.lastname@example.org today.