How Much Do Your Employees Know About Your Company’s Internet Security Policies?

A software company recently did a survey of 2,000 office workers to find out how much they know about their company’s Internet security policies. They found as many as 74% of employees feel confident that they know and understand the policies. But as they started to dig into the information, it seems that the employees’ confidence is misplaced for a couple of reasons. One third of them have never received any training on IT security since they joined the company and more than two-thirds have been employed with the company for more than five years, which is a technological lifetime.

If your employees do not know anything about IT security or your latest online security policies, it will be very difficult to keep your company secure no matter how safe you feel your network is. Here are some tips on how to get your employees to help you keep your company more secure.

Education
Hold security training classes for existing employees as well as new hires. These classes should just cover the basics including why you are concerned with security; what the ramifications are to the company if they are the victims of cybercrime and their data is stolen. Make the classes relevant to the employee by incorporating elements they can use in their personal life as well, such as keep an eye on your online reputation, how to ensure your online transactions are secure, and give examples of current cybercrime threats to look out for. Keep in mind that some of your employees, based on their duties, may need a more dedicated approach and should have training sessions on a regular basis.

Regular Updates
With the constant changes in technology and online security landscape, your policies may need to change often as well. Make sure that all your employees are updated with the latest policy. You should also let your employees know if there is a new security threat going around so they know to look out for it both at work and at home. It may be a good idea to schedule the security updates on a regular basis, maybe once a quarter or even once a month, so it’s top of mind for your employees.

Computer Safety
In today’s office environment it is difficult to keep your network secure. Some companies have adopted the philosophy of “BYOC” (Bring Your Own Computer) while other companies have company laptops that are shared among several employees and used on the road, both examples that leaves your network vulnerable to viruses or other malware from the portable machine. Even if you only have desktops it is close to impossible to function without some level of Internet access and employees may also bring in CD-Roms or memory sticks that could be infected.

Laptops or other portable devices brought into your network as well as your existing desktops on the network must have the latest anti-virus, spyware, firewall, and anti-malware protection at all times. But as we all know, the anti-malware patches are only created after the malware itself has been discovered, at which point it may be too late.

To ensure complete protection when performing any online transaction that may leave your network vulnerable, install SafeCentral’s WebProtection™ on your desktops and laptops, and make it a requirement that any laptop or similar device that is brought in and hooked up to your network also must have it installed.

SafeCentral’s WebProtection™ operates under the assumption that your network is already infected and ensuring that your endpoint data is secure. WebProtection™ interprets and intercepts over 5,000 discrete Windows commands (from write to disk, to save in RAM and beyond) and effectively blocks all potentially dangerous activities except those processes needed for the transaction. Unlike other tools, WebProtection™ goes deep into the DNA of the Windows operating system and is able to control all processes during a secured transaction. In addition to making your machines safe to operate, WebProtection™ is flexible and offers enterprises multiple configuration options making it the only choice for companies that are employing VDIs, SSL VPNs, or using cloud services such as outsourced accounting systems, customer relationship management (CRM) tools, or enterprise resource planning (ERP).