Cyber Security Starts in the Workplace

Written by: TechSource Editor on Nov 06 2017

By Rob Chee, Iron Bow Technologies

Good workplace cyber security hygiene can mean the difference between an attempted attack and a massive data breach.

A recent Dell End-User Security Survey found that 72 percent of workers are willing to share confidential company information without relying on the organization’s data security rules. Even one instance of bad actors phishing for this kind of information could prove to be detrimental to a business.

From education to updating patches, there is a myriad of small steps to take that will add layers of extra protection to a company or federal agency’s networks and devices.

Education

Often times an employee is unaware of the security threats surrounding them. It’s doubtful they’ve heard of WannaCry or even know why a patch could save them from inviting cyber-invaders.

Those in the IT community can suffer from the “curse of knowledge,” meaning because we’re so deeply embedded in the security world we forget that average workers aren’t generally as plugged-in.

Employers should develop targeted training programs that help those who don’t understand the basics of cyber security and the things they can do on a daily basis to help mitigate the threat.

For example, Cisco sends out a quarterly phishing exercise email to every employee. This gives them a chance to become more skilled at spotting cyber attacks in a setting where, if they make a mistake, it won’t mean disaster. If a worker does click on the phishing email, they are notified and trained on how to better spot actual attacks.

In a Gartner blog from last year, analyst Avivah Litan proved how effective thoughtful training can be for a company. In 2014, a large Midwest energy firm set out to educate its workforce on cyber security and installed a team of business leaders across all sectors that met regularly to discuss and deploy education initiatives.

The results? The energy firm’s security instances dropped from over 400 in 2014, to less than 100 in 2016. That’s an 80 percent reduction and it didn’t take a system overhaul to do it.

Standardizing Practices

The National Cyber Security Alliance, a cyber security awareness group made up of top technology leaders, suggests laying out a clear program and guidelines for employees to follow. The simpler, the better.

Some suggestions include:

  • Clear cut rules for what programs, apps and data workers can install and keep on their computers
  • Best practices for strong passwords, including adding numbers and symbols as well as updating them frequently
  • Instructions and reminders on how to properly and safely back up work
  • Channels for speaking out if something seems strange on a worker’s device

These may seem like simple, mindless suggestions, but often employees don’t know the answers to these basic questions. Codifying them can be a huge help and streamline the education process.

Beyond the Office Walls

Cyber security in the workplace isn’t just relegated to the physical space. With nearly a quarter of the U.S. workforce telecommuting at least part of the week, the “office” has become any place with a Wi-Fi connection. And that’s as potentially dangerous to a company or government agency as working inside the physical office itself.

According to Iron Bow partner Cisco: “Many people equate ‘free’ Wi-Fi with ‘safe’ Wi-Fi, but that is simply not the case. With the connected workplace expanded well beyond company walls, both employers and their mobile workers need to approach online security differently.”

Employees should make sure their personal digital devices are always updated with the latest patches and bug fixes. This may seem like a small step in the sprawling landscape of cyber attacks, but recent breaches have proven otherwise. Both WannaCry and Nyetya attacks could have been prevented if users had upgraded their Windows devices to include a patch that closed up the vulnerability. That patch was made nearly two months before the WannaCry attack, but hundreds of thousands of people failed to update their devices.

Make Cyber Hygiene a Priority from the Top, Down

All of these suggestions are the least a company or agency can do to make sure their employees are practicing good cyber hygiene. There are many more ways to affect that goal, but the most import action to remember is that everyone, from the CEO or administrator on down, must be proactively committed to cyber security best practices in the workplace.



Related Post

Tags: > >

Posted by TechSource Editor on 06 Nov 2017 in : Cyber Security, No Comments on Cyber Security Starts in the Workplace

LEAVE A REPLY

  • Subscribe

  • Iron Bow Healthcare Solutions
  • Software-defined networking is helping federal agencies overcome big challenges. Find out how your agency can reduce operating costs, enhance security capabilities and reduce risks. Watch the video to learn more.

  • Categories

  • Resources

  • Follow Us

    Iron_BowIron Bow
    @Iron_Bow:
    Apple’s latest foray into the enterprise involves deeper integration with Cisco #TechNews https://t.co/cxiM6eWppd
    17 months ago
    Iron_BowIron Bow
    @Iron_Bow:
    10 Predictions for the Future of #IoT https://t.co/x4K4hFN0b7
    17 months ago
    Iron_BowIron Bow
    @Iron_Bow:
    Army network modernization drives security, bandwidth improvements #Army #DoD https://t.co/J7G8MLG8ad
    17 months ago
    Iron_BowIron Bow
    @Iron_Bow:
    Defense Digital Service looks to overhaul travel system #Defense https://t.co/ika034x9kl
    17 months ago
  • Archives

  • Iron Bow Healthcare Solutions