Small businesses are the biggest targets of hackers and cyber-criminals. They are targeted because they are less likely to have strong – or any – security in place. But in many cases, hackers don’t need to use malicious code or cracking skills to get what they want. Instead, they rely on your biggest vulnerability: your own employees.

 

Why are employees your number one cyber-security threat? 

It all stems from a lack of training. Scams that are common sense to one employee or boss are not to another and, it is important to remember that hackers are experts at tricking people. Not every trick is easy to avoid, unless you are taught about them by a professional. Most of the time actions that lead to a breach in cyber-security are simple mistakes – but mistakes can result in MAJOR costs to your business.

 

Here are three things you can do to turn your employees from your biggest IT threat to your biggest IT asset:

 

1. Establish Regular Cyber Security Training

First and foremost, get everyone in your business trained on IT security. Wesley Simpson, the chief operating officer of (ISC)2, an international cyber security certification group, suggests thinking about IT education as “people patching.” Just as you continually update and patch your software and security, ongoing education serves to update, or patch, your employees. He says, “If you don’t get your people patched continually, you’re always going to have vulnerabilities.”

But don’t put the training solely on your shoulders. Work closely with a company that specializes in IT security. Doing it yourself can be stressful and time-consuming. An experienced IT firm is going to come in with all the education and resources you need to successfully train everyone in your organization on cyber threats targeting your business today.

 

2. Keep Cyber Security on Their Minds

While you may have training or educational sessions once a quarter or biannually (regular sessions are recommended), you still need to keep IT security in the minds of your employees on a weekly basis. During weekly meetings, for example, talk about a cyber security topic. Or, if you share news or links with your employees in a weekly, company-wide e-mail, for example, include a cyber security story or tips article. It’s all about utilizing systems you already have in place to keep your team informed and this important topic at the forefront.

 

3. Emphasize Safe Internet Usage Habits.

This should supplement regular training. Employees should always know the best practices when it comes to using the Internet, e-mail or anything else that brings them in contact with the World Wide Web. Part of it involves keeping the lines of communication open. If an employee sees something out of the ordinary come into their inbox, encourage them to bring it to the team’s attention – whether they’re telling their direct supervisor, manager or you. The easier the communication between everyone on your team, the easier it is to identify and stop attacks.

The goal is to eliminate guesswork. If an employee isn’t sure about an e-mail, they should be trained to ask questions and verify. On top of that, you should have a policy in place that prevents employees from installing unverified software, which includes apps and app extensions (such as browser extensions), without permission. And one more thing – stress safe Internet usage habits not just in the workplace but at home as well. This is especially critical if your employees are bringing in their own devices. If that’s the case, you should absolutely have a “bring your own device” (BYOD) security policy in place. It’s just another wall between your business and potential threats.

 

How do you get all this started? Good question! It all starts with reaching out. If you’re ready to lock down your business and you’re serious about educating your employees and turning them into your best defense, we can help. The best IT security you’ve ever had is one phone call away.

Click here to download the full April 2020 Newsletter!

Call us at 610-433-1000 for more information.