January 5, 2017

Download

Whitepaper: Enhancing security, resilience and efficiency across a range of industries

Security tips

Five bad online security habits to give up in 2017

laptop-dongle-securityThe issue of cyber security is more in the media now than ever before.

A series of hacks on large national and global companies has highlighted two factors: cyber criminals are becoming more effective and companies need to constantly update their cyber security policy.

Yet security in your workplace doesn’t have to be complicated. There are steps all your employees can take on a daily basis to minimise the risk of security breaches and cyber attacks.

So if you want to make improving security your company’s new year’s resolution, here are five bad security habits your company needs to stop doing in 2017 .

  1. Stop using weak passwords

Passwords cause one of the biggest security headaches in every organisation, large or small. If your company doesn’t have a password policy, now is the time to get it.

Avoid easy to remember passwords like “password”, your name and birthday or your favourite football team. Cyber criminals will work these out in seconds and compromise your network security.

Aim for passwords of a 16-digit length, that include capital letters and special characters. A good tip is to use a phrase or song lyric as a password.

However, the most effective way to ensure your security is to use a random password generator or software that secretly stores your passwords for all your applications.

  1. Stop neglecting mobile devices

Looking after your security on your computer network is great but what about external devices. Any tablet or mobile that can connect to your network is a security risk and should be taken just as seriously as any other connected computer.

Ensure you have a separate security policy for all eternal devices that connect to your network. Enforce end-to-end encryption across all the devices that you provide and that can access your network.

  1. Stop forgetting your security settings

Having firewalls and intricate security software across your network is great, so use it effectively. Allow time for regular updates, you can even schedule them overnight and keep an eye on your firewalls and what sites you are allowing your employees to access.

Make sure security features can only be disabled by you or your security team and avoid granting user privileges to multiple users. Remember, the smaller the amount of people who have privileged access rights, the easier it will be to manage your security overall.

  1. Stop opening every email

This is a case for common sense. If an email looks suspicious, out of the ordinary or from someone you don’t know, they don’t open it, simple!

Check the context of emails and google the sender to see if it’s a legitimate business. Encourage all your employees to report any suspicious emails or pop-ups to yourself or your security team.

  1. Stop leaving yourself on display

Ever heard of a clear desk policy? Maybe it’s time to enforce one.

If your company is tightening up security on your network, encrypting all your devices and updating your firewalls and other security applications, then don’t forget the basics.

How many of your employees are writing passwords down on post it notes? Printing sensitive information and leaving it on the desk for all to see?

Trivial as it may seem, these small habits could. cause big security problems for your business. Make sure employees lock sensitive information away, avoid writing passwords down at all and keep computers locked when not in use.

Start stepping up security in 2017

Security should be a top priority for every business this year. While no amount of security steps, on or offline, can safeguard you against cyber crime, there are at least some simple steps you and your employees can take to help reduce the risk.

While much of it is common sense, start by updating your security policy and regularly educating your employees on what you expect of them. Ensuring the security of your organisation is a team effort.

The author, Rick Gray, is head of cyber security solutions at CSI Ltd 

 

 

Listen to the IFSEC Insider podcast!

Each month, the IFSEC Insider (formerly IFSEC Global) Security in Focus podcast brings you conversations with leading figures in the physical security industry. Covering everything from risk management principles and building a security culture, to the key trends ahead in tech and initiatives on diversity and inclusivity, the podcast keeps security professionals up to date with the latest hot topics in the sector.

Available online, and on Spotify, Apple Podcasts and Google Podcasts, tune in for an easy way to remain up to date on the issues affecting your role.

IFSECInsiderPodcastLogo
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments