We hear it all the time: ‘Keep your data secure’, ‘Be Cyber Smart’, ‘stay safe online’.
But what does it mean in an employee’s day-to-day life? How can they stay safe online and adhere to your cyber security policy? We have put together five tangible things employees can do to protect themselves and company data.
One: Familiarise yourself with company security policies.
Whatever the size of the business you work for, it’s essential to understand why you might be vulnerable to cyber-attack and how to defend yourself. Your company’s cyber security policies and practices are the first lines of defence when it comes to keeping data secure, so it is a good idea to familiarise yourself with what is already in place, for example:
- Email security policy
- Data Protection Policy
- IT Access policy
- Security Awareness and Training Guidelines policy
- Work From Home policy
Knowing what is expected of you as an employee in line with these policies will provide the tools you need to be a cyber smart ambassador for your company!
Two: Stay safe against phishing attacks.
Phishing emails appear genuine but try to trick you into revealing sensitive information. They might contain links to a malicious website or ask you to open an infected attachment. Spotting a phishing email can sometimes be challenging. Arm yourself with knowledge about how they operate so that you won’t be caught out.
- Phishers use your publicly available information to make their emails appear convincing. Think about what data you post on the internet about yourself and review your privacy settings.
- Find out about the techniques that phishers use in emails. These can include urgency or authority cues that pressurise you to act.
- Phishers often seek to exploit everyday business communications and processes. When you know your organisation’s policies and procedures, it makes it easier to spot unusual activity.
Check out our infographic on detecting a phishing attack.
Three: Get your devices secure.
Smartphones, tablets, laptops and desktop computers can all be vulnerable to both remote and physical attacks, but here is how you can protect them from common attacks.
- Install software updates – they contain patches that keep your device secure. Your organisation may manage updates but if you are prompted to install any, make sure that you do.
- Lock your device when you are not using it. Using a PIN, password, or fingerprint/face ID will make it harder for attackers to gain access if a device is lost, stolen, or left unlocked.
- Don’t download dodgy apps. Instead, use official app stores (like Google Play), as these offer protection from most viruses. Never download apps from unknown sources.
Four: Always set strong passwords to stay safe online.
Attackers will first try the most common passwords (e.g. 123456) or use publicly available information to try and access your accounts. If successful, they can use the same password to access your other accounts.
- Create a secure password for important accounts, such as by using three random words. Avoid using easily guessed passwords, such as dates, family and pet names.
- Use a separate password for your work account. If an online account gets compromised, you don’t want the attacker to know your work password.
- Use a password manager, such as Keeper, for protection against password-related breaches and cyber threats. There is no need to write your passwords down when they are stored securely.
- Use two-factor authentication (2FA) for important websites like banking and email. If you have the option, 2FA provides a way of double-checking that you are the person you are claiming to be when you’re using online services.
We hope that you’ve learned a thing or two about staying safe online. For more information about creating a robust password policy, see our infographic!