You may think you have great security protocols in place and the best security software, but if your employees don’t follow best security practices it may have all been for nothing; and your company data will still be vulnerable to attacks. It’s important to educate your employees about data security and why it’s imperative to follow the security policies within the company so they can help you keep it safe.
In today’s work place where it’s more common to bring in laptops, smartphones, USB memory sticks, and other external devices to the office, it is very difficult to keep the network secure and free from malware. Educating your employees, helping them understand your reasons for the security policies, and explaining the consequences of a security breach will be a huge benefit to your company.
According to the first annual ISACA Risk/Reward Barometer survey, the top three ways employees add risks for IT and the business are:
- Not protecting confidential work data appropriately (50 percent)
- Not fully understanding IT policies (33 percent)
- Using non-approved software or online services for their work (32 percent)
- Malware 101 – Go through some of the most common types of malware, how they can infect your network, and what to look out for.
- Phishing 101 – Make sure employees are aware of how phishing attacks work and what they try to accomplish.
- Security Policies 101 – Explain why you put specific security policies in place and what the purpose is behind each policy.
- Consequences – Show examples of security breaches at other companies, what the outcome was and what impact it had on the company brand and image.
No comments:
Post a Comment