Securing Your Business: The Basics of Employee Cyber Security Training

Sure Your Business with Employee Cyber Security Training

Cyber security threats are a more frequent occurrence within the workplace. As such, securing your business from a cyber security attack should be top priority.

Over the past three years, we have seen a sharp rise in cyber security attacks on businesses. Hackers have become increasingly sophisticated with their elaborate scams designed to fool even the most vigilant employees.

Implementing frequent employee training focused on security awareness is essential in securing your business to mitigate the risk of a cyber attack occurring.  Employee training should include:

  • keeping up-to-date about current security threats
  • understanding and applying company security policies
  • each employee has a personal role to keep a business safe from cyber threats.

Unfortunately, many businesses don’t know where to begin or what areas they should focus priority on when trying to secure their business. With so much to know and paths you can take, we understand the potential confusion. That’s why we’re here to help. Together, we can get your employees up to speed on the basics of security awareness or augment an existing program with additional education and guidance on good employee security policy and how it relates to the work streams of your business. Here’s a peek at some must haves as part of any good program:

  • Phishing and social engineering
  • Passwords and network access
  • Device security
  • Physical security

Phishing and Social Engineering

Social engineering is an attack that happens when a user is deceived into divulging information. Phishing, which is an attempt to get sensitive information like passwords and credit cards from someone through email or chat, is a common social engineering attack.

Why are phishing and other social engineering attacks so successful? Because they appear to come from a credible source, deceiving you into thinking it’s a piece of communication you can trust. Tell-tale signs of a phishing attempt include:

  • typos
  • links containing a string of random numbers and letters
  • an odd sense of urgency, or
  • a simple feeling something is amiss about the information being requested.

If a user feels something isn’t quite right, they should never click on a link or attachment or give out sensitive information. Employees should have a process in place for informing the right person or department in a timely manner if they believe they are receiving malicious email communications. If one employee is being targeted, it’s likely many others are, too. Alerting the right staff in a timely manner is critical for preventing a phishing scam from entering the network and spreading company wide.

Passwords and Network Access

Similarly, employees should be following best practices when it comes to passwords they’re creating, especially for passwords used to access IT environments. For many industries, enforcement of password policy is a compliance requirement. In general, passwords should be unique to each application and information source, at least eight characters, contain letters and special characters, and stay away from obvious information like names and birthdays. Update passwords every 90 days. Never store passwords on sticky notes affixed to monitors or keyboards or shared with other employees.

This may be less obvious, but employees should also be wary of network connections used outside of their home or work. Even if data on their device is encrypted, it’s not necessary that a connected network transfers that data in an encrypted format, which opens the door to many different vulnerabilities. Plus, public networks may be tapped, which puts all data exchanged on that network at risk. Use a trusted network connection or secure the connection with appropriate VPN settings. Employees should be mindful of the potential security ramifications when logging onto company resources from their local coffee shop’s network.

Device Security

In an era where more and more personal devices operate within the workplace, employees must understand the potential security risks of connecting to the enterprise network from their shiny new phone or tablet. The same threats posed to company desktops and laptops also apply to personal devices. Ideally, you will work with employees to ensure they have the means to securely access resources from their own device, but they should always be mindful of the websites they’re browsing, the applications they are installing, and the links they’re clicking on.

Physical Security

Cyber threats aren’t the only risks to be mindful of. Physical security also plays a role in keeping sensitive information protected. How often do employees mistakenly leave a mobile device or computer unattended? It happens to all of us. But, if someone were to swipe an unattended phone or log in to sensitive assets from a connected network session, all of your data could immediately be at risk.

This is an area of security often overlooked and in need of a good refresher, especially with so many employees now accustomed to working from home and out of practice with good office security measures such as:

  • Locking all devices. Employees should re-establish the habit of doing this every time they leave their desk.
  • Locking their docs. Sensitive materials should be stored in a locked cabinet and not left sitting on an open access desk.
  • Properly discarding info. When throwing away documents, users should be sure not to place sensitive papers into a general trash bin. The company should have a policy and process in place for appropriate and secure removal of such files.

Are you ready to get started? We’ve got you covered. Give us a call and let’s chat about your employee security awareness needs.

Managed IT Services Sydney | IT Support Sydney | Cyber Security Sydney

At Techstream Solutions, we are committed to providing trusted managed IT servicesIT support and Cyber Security Services to our clients.  We will deliver reliable end-to-end user IT support and implement innovative IT strategies and solutions to set your business up for success.  Best of all, making the switch to Techstream Solutions will be a stress-free experience.  We will understand your IT requirements and provide expert advice and solutions to complement your individual business requirements.

Overall, we can attend to all your business computer IT support requirements including managed IT services, cloud services, backup and recovery,  and cyber security services. Our IT consultants can manage every aspect of your ITC infrastructure projects and upgrades.

If you lack confidence with your current provider delivering the right results, why not call us for a chat today or arrange a FREE consultation with one of our IT professionals.

Get in touch to discuss your computer and IT support needs

 

What Our Client’s Say…

  • Northern Beaches Homewares Company

    Techstream Soluations Computer IT Services has provided the most optimum level of service,care, reliability,professionalism, efficiency EVERY time to our Northern Beaches Homewares Company since a business recommendation 2 years ago. They are the DREAM TEAM.

  • Rebecca Mitchell

    As a website developer, I rely on my computer to complete my work each day. Knowing that Techstream is available to fix whatever computer problems I may encounter gives me complete peace of mind. Their IT support is prompt and their computer support helpdesk team are always patient and understanding. I have used their onsite and remote computer support. I wouldn't have any hesitation recommending Techstream to all businesses - large and small.

  • JJ Metro West

    The Team at Techstream Solutions are always Reliable, Efficient and Friendly. No task is too big for them.

  • Clean Water Products

    We have been dealing with this company for many many years and I could not praise them enough for their great work, quick responses and everyone there knows what they are talking about and are very reliable & professional. Thank you Ralph and the team at Techstream Solutions.

  • Exceptional service. Ralph and his team always go above and beyond to help resolve any issues we have very promptly.

  • Risk Logic

    Highly recommend! Ralph and the team went out of their way to provide a customised IT solution when we set up our new office and the ongoing support for the last 3 years has been outstanding. Will definitely be using them again in the future.