Are Your Employees Cyber Security Assets or Liabilities?
Good employees are a company's most valuable asset. They should be effective, optimistic, adaptive, and easily work in teams. However, even employees with these qualities can do substantial harm when they are clueless about, or reject cyber security protocols. This rejection may occur when security measures are regarded as inconveniences or impediments to their productivity. Employees become cyber security liabilities in a number of ways, including:
Poor Password Management
Remembering lengthy passwords with a high degree of randomness is difficult for the average person. While there are mnemonic methods for easing this problem, managing multiple strong passwords that require periodic changes, still isn't easy. Using a password management tool is an effective way of surmounting this difficulty.
Beyond using strong passwords, employees must exercise care about where they store passwords and about sharing them. Placing passwords on pieces of paper inside a desk, on sticky notes, and in unencrypted files are examples of poor password management. Password sharing is avoided by using applications or systems that accommodate multiple users with unique login credentials.
Failing to Update Software
The arms race between evolving cyber criminal techniques and their countermeasure development occurs at a frenetic pace. As a result, employees must perform frequent security updates of their applications and other software. These include operating systems, content management systems, and browsers. Employees may become weary of continually performing these updates, particularly when the process conflicts with productivity. Nevertheless, they must either allow this software to auto update or perform manual updates.
Mistakes Caused by Distraction
Poor focus on the task at hand can cause an employee to accidentally store sensitive data in an unsecured location, or click on a dangerous link. Distractions come in many forms, such as conversation, excessive multitasking, or unexpected interruptions. Distractions can be emotional in nature, such as arguments with colleagues, personal problems, or job stress.
Ex-Employee System Access
Companies lacking an out-boarding procedure for blocking ex employee system access, weaken their cyber security with each employee who leaves. The greater the turnover rate, the faster the problem accelerates. Laid off employees and those leaving under less than friendly circumstances, may use their system access for nefarious purposes.
Even ethical ex employees may forget to destroy their access credentials, which may be stolen if their computing devices are stolen or hacked. The same problem exists with ex subcontractors with system access.
When assessing your cyber security, consider all its aspects, including the human element. For more insights, information, and answers to your security questions, contact us today.