27 March 2017
IT Security Awareness: 10 Things Everyone in your Business Should Know
[vc_row][vc_column][vc_column_text]Cyber security is a major concern for many Australian businesses. With attacks becoming more frequent and increasingly sophisticated, the online choices our employees make are more significant than ever. Having appropriate IT systems in place is essential, however, often overlooked is user awareness, which can make all the difference in protecting your organisation.
Here we have compiled a list of 10 things everyone in your business should know about IT security:
1. Don’t get tricked into giving away company information
It is important to keep in mind that cyber criminals are successful because they are convincing. If you receive a request that seems odd or a little different to usual, always verify the source before giving away confidential company information. Internal requests by email may not always be legitimate, so don’t be afraid to do some extra checks if you are at all suspicious.
2. Never use an unprotected computer or device
When you access sensitive information from a non-secure computer you put the information you’re viewing at risk. Malicious software exists that allows hackers to watch what you are doing online when accessing unprotected sites. If you are ever unsure about the security of a device or website, don’t risk accessing your files or data.
3. Protect sensitive data and documents
Your customer’s data should be protected in a similar way you would protect your own personal information. Keep your desk tidy and lock away sensitive documents. And rather than place in the office bin, always shred or destroy customer documents when they are no longer required.
4. Lock your computer and mobile phone
Secure your personal information and company data by always locking your computer and mobile phone when you’re not using them. It is recommended that all devices be set to auto-lock after a set period of inactivity.
5. Stay alert and report suspicious activity
Be cautious of people you don’t know sending you requests. And not just online, requests by telephone can also pose a threat. Never disclose information without knowing the source and the reason for the request. You may not be the only person in the organisation receiving these types of enquiries so it is best to alert management or your IT team.
6. Password protect sensitive files and devices
Losing a device can happen to anyone, but by protecting it with a strong password, you make it difficult for someone to break in and steal the data. Go a step further by password-protecting sensitive files on your computer, USB, smartphone and laptop.
7. Use complex passwords
Never use obvious or easily guessed passwords. Create complex passwords by including different letter cases, numbers, and characters. And create unique passwords for different websites and devices, that way if one is hacked, your other accounts aren’t compromised. To assist, password management programs can securely store and generate new passwords.
8. Be cautious of suspicious emails and links
Always delete suspicious emails from people you don’t know, and never click on the links. Opening or viewing malicious emails can compromise your computer and network without you knowing it. Read our blog article for more on protecting your business from email threats.
9. Stay safe when using public Wi-Fi hotspots
Hotspots may be free and convenient, but you should be aware of the potential for online threats. Even on a password-protected network, hackers can attempt to intercept the signal and gain access to your information. Avoid logging into sites that require a username and password, turn off file sharing, and be aware of anyone looking over your shoulder.
10. Don’t install unauthorised programs
Malicious applications often pose as legitimate programs like games, tools or even antivirus software. They are capable of infecting your computer or entire network, so always check with IT before installing anything on your work computer.
Your people play an integral role in protecting your organisation from online threats. Create a security awareness plan, ensure appropriate IT systems and company processes are in place, and break down the above tips. By presenting them in smaller chunks at staff meetings or via weekly emails, your team will be more likely to remember them – and your business will be much less vulnerable to a security breach.
Talk to TechPath about how your IT security measures up.