Menu

5 Ways to Improve Cybersecurity in the Workplace

Oct 31, 2017 3:30:00 PM

The Internet has become so ingrained into our workplaces nowadays that most people don’t give a second thought to things like daily logins with easy to remember passwords. While second nature, this normalcy can have the unfortunate side effect of reduced online security for your workplace, whether intentional or not. Considering businesses deal with documents like W2’s, or other private information, it’s very important to have a strong plan in mind for your company when it comes to keeping your employee’s online usage secure.

Being safe online can be a lot easier than you may think, and since October is National Cybersecurity Awareness Month, we’ve compiled a quick list of ways you can stay safe online.

 1) Make sure your Internet Use Policy is up-to-date

Having an official Internet policy laid out for new, and current, employees is a must-have. Your employee handbook should include clearly defined guidelines about what websites can and can’t be visited during work hours. These can include:

  • Accessing social media
  • Personal email
  • Entertainment websites such as YouTube or other media streaming sites

Laying out these expectations beforehand can save a lot of trouble for you later on should any sort of online security be compromised.

 2) Password Strength

The Huffington Post revealed the most commonly used passwords of 2016 and while not unexpected, the top 10 were both easy to remember and easy to crack. These top 10 included such passwords as:

  • 123456
  • 111111
  • qwerty
  • password
  • 123123

Many of the above passwords could likely be a “default”, one that companies use with the expectation that a new employee will change said password after logging in. However, this is often not the case and a “default” or similar easy-to-remember password will likely be used. The company Keeper Security, a password management company, recommends, “[…] users to select a password that’s more than six characters long and contains a variety of characters — including numbers, uppercase and lowercase letters, and even special characters. The company also suggests avoiding full words, which it refers to as ‘dictionary terms.’” (Golgowski, 2017) What’s more, your IT/website administrators can enforce these practices by making regular password changes mandatory for anyone logging in to your businesses network.

 3) Avoiding Phishing

Most people in today’s world of the Internet know better than to click on a link, or open an email, claiming they’ve won millions of dollars from someone in a foreign country, but as people have wised-up, so too have phishing emails. One common workplace scam is for an email to use an email similar to one used by your IT department, i.e. yourworkplaceIT@yourbusiness.com becomes yourworkplace1T@yourbusiness.com, asking users to reset a password by entering in their current password(s). This of course captures the user’s login and usually locks them out of their account.

You can educate employees on these newer practices with mandatory, yearly Internet Safety seminars, and reminding employees that personal information is not to be shared via email. If something like a mass password reset will be required company wide, a good practice is to first send an email explaining the situation and giving a timeframe IT will be sending the reset-request email so employees know it’s safe to open.

 4) Software Installation

Any sort of software installation onto work computers should be handled by the IT department only. Period. Sure, employees might see this as a hassle, but the easiest way to prevent malicious software being downloaded to your company’s network is to limit who is authorized to download said software.

Speaking of software downloads, it’s also important to routinely scan work computers for any sort of threats. These can be set to be done automatically in the background as your employees work, or manually done by your IT department, possibly after normal work hours, as to not cause any interruptions during the day. Identifying these threats early, or immediately, is the best way to combat them.

 5) Personal Devices

This can be a tricky one; these days everyone has an Internet-enabled smart phone, tablet, laptop, etc. that could unintentionally cause security threats once connected to the company network. Setting the precedent that personal devices are not allowed on company networks is a common practice with businesses today. Some tech-savvy companies are even opting to get a second network strictly for personal devices, allowing employees to use their devices during breaks while maintaining the security of their main business-only network.

 How does your company’s Internet security stack up against our recommendations? Keeping your network, and business, safe is no small task; taking the time to evaluate your online security is something every company should do, and what better time than National Cybersecurity Awareness Month?  

 

Golgowski, N. (2017, Jan 18). HUFFPOST TECH. Retrieved from The Huffington Post: https://www.huffingtonpost.com/entry/2016-most-common-passwords_us_587f9663e4b0c147f0bc299d

About ProLiant

ProLiant puts the human in human resources. We provide a fully integrated, cloud-based HCM solution that simplifies payroll and HR processes. The company serves small to large clients in multiple industries in all 50 states and is committed to providing the highest quality customer service in the industry.

Subscribe to Blog

Subscribe by Email