IT services professionals aren’t typically known for their partying skills, but this month we’re celebrating. It’s National Cybersecurity Awareness Month—and if your organization is anything like most, it could use more awareness.
Every day, businesses invest hundreds of thousands of dollars into cybersecurity solutions, only to have employees undo them with the click of a button. Through disabling firewalls, sharing passwords, circumventing protocols for sensitive information and more, employees can do a lot of damage in pursuit of convenience. Here are some of the most frequent offenses and what you can do about them.
The problem with passwords
When password protocols are too complex, employees will find a way around them. In many cases, employees write passwords down or even create a document to save multiple passwords online. If someone were to break into your document storage service or physical facilities, it would take them no time at all to find a desktop file named passwords.doc or a sticky note taped to the monitor.
Employees also share account passwords, creating additional vulnerabilities. Insider threats are a common source of cybercrime, and sharing accounts makes it all the more difficult to pinpoint the source of the threat—not to mention giving unauthorized employees access to privileged data.
Make life easier for employees—and circumvent password debacles—by encouraging staff to use a single sign-on tool like OneLogin. These tools allow team members to create a single, secure password for all their applications, thus negating the need for multiple passwords. Use tools that enable easy sharing so there’s no need to share accounts.
The trouble with firewalls
Firewalls effectively protect sensitive information from outside users and keep attackers at bay. The problem comes when users disable firewalls to get around these limitations. Around 30 percent of network administrators admitted to turning off at least some of their firewall’s features, including anti-spam and anti-virus protections. The absence of these protections paves the way for network intrusions and data breaches.
Instead, opt for a next-generation firewall that will give employees the efficiency they need while securing your networks. With more intelligent filtering mechanisms, these devices can prioritize traffic to route the most important applications first, while still offering protections against ransomware and other malware in partnership with cybersecurity software like dual-layer virus blocking tools and intrusion and advanced threat detection systems. IT services professionals can help you identify compatible firewalls and configure them to keep you safe without deterring employee productivity.
The workflow workaround
For many organizations, the prerogative is productivity, whatever the cost. When you’re up against competitors and operating within a fast-moving market, you certainly can’t afford to sacrifice efficiency. And with modern tools like cloud storage and document sharing, it’s possible to move at a breakneck pace without the barriers of physical location.
Unfortunately, the new plethora of cloud-based tools also slows employees’ progress, as team members must log in frequently throughout the day, wasting precious minutes that could be spent on valuable work. Because of this inconvenience, employees may save information in unsecure locations (e.g. a desktop folder) or print sensitive documents for anyone to see.
The only way around this is to prioritize cybersecurity. Investing in proper cybersecurity protections and adhering to best practices is a bit like paying for insurance—a little annoying, sure, but better than the alternative.
The bottom line: Create a culture of cybersecurity awareness
All these harmful practices quickly unravel the protections your IT services teams have worked so hard to enact. The good news, however, is that you can protect your assets if you create a culture of cybersecurity awareness.
As an executive, you have the power to shape how employees prioritize cybersecurity. Start by designing comprehensive guidelines around proper device and network use, including password restrictions and document access. Educate employees on why cybersecurity matters, and keep the training coming throughout the year. Set attainable goals for business cybersecurity, and reward employees when they accomplish them. After all, when cake is involved, employees have a way of responding.
Want more? Keep National Cybersecurity Awareness Month going all year long by downloading our free Ultimate Cybersecurity Bundle. Free cybersecurity training resources? That’s definitely a reason to celebrate.