Companies collect and store enormous amounts of data. From billing invoices to customers' credit card information, so much of your business focuses on private data.
To succeed, you have to trust employees with this data. But, sometimes, even the most well-intentioned employee can make mistakes that leave your company vulnerable to cyberattacks.
We recently conducted a study to find out just how many businesses fear cyberattacks that stem from employee mistakes. More than half of businesses surveyed believe a lack of knowledge, carelessness or malice on an employee's part could lead to a cyberattack. Additional research shows 84% of cyberattack victims attribute the attack, at least in part, to human error, according to ComputerWeekly.com. So, what kind of employee mistakes leave your company open to cyberattacks? Here's a list of the seven most common employee mistakes and what you can do to fix them.
Email is the preferred form of business communication. The average person receives 235 emails every single day, according to The Radicati Group. With that many emails, it stands to reason that some are scams. Opening an unknown email, or an attachment inside an email, can release a virus that gives cybercriminals a backdoor into your company's digital home.
Mashable reported that 81% of adults use the same password for everything. Repetitive passwords that use personal information, such as a nickname or street address, are a problem. Cybercriminals have programs that mine public profiles for potential password combinations and plug in possibilities until one hits. They also use dictionary attacks that automatically try different words until they find a match.
Have you ever wandered through the office and spotted a sticky note on a screen with passwords written on it? It happens more often than you think. While you want a certain level of trust inside your organization, leaving passwords visible is too trusting.
In some cases, companies don't compartmentalize data. In other words, everyone from interns to board members can access the same company files. Giving everyone the same access to data increases the number of people who can leak, lose or mishandle information.
Research shows the majority of companies do offer cybersecurity training. However, only 25% of business executives believe the training is effective.
· Provide annual cybersecurity awareness training. Topics could include:
Your company should deploy antivirus software as a protective measure, but it shouldn't be up to employees to update it. At some companies, employees are prompted to make updates and can decide whether or not the updates take place. Employees likely say no to updates when they're in the middle of a project, since many updates force them to close programs or restart computers.
Antivirus updates are important, should be handled promptly and shouldn't be left to employees.
Do your employees have company cell phones, tablets or laptops? If so, do you have protocol in place to keep these devices secure? Many companies have a lax attitude toward mobile devices, but they present an easy target for cybercriminals.
Employees are human, and digital accidents can happen. However, if you take certain steps to safeguard devices and train employees, you can prevent cyberthreats.
Of course, managing your company's cybersecurity goes beyond employee education. Protecting a company's digital footprint and managing threats requires the help of a reputable cybersecurity company.