Cyber security starts with improving the individual responsibility of each user within an organization. A single user’s lack of responsibility may not only harm the individual, but could provide a platform for attack on other users within the network; older threats, such as viruses, have been replaced by sophisticated attacks that can cripple the entire organization’s IT system. Knowledge of how to protect computers and engaging in appropriate behavior while logged on to the corporate network, will decrease vulnerabilities.
How to Act Responsibly in Cyberspace
Cyber security is a shared responsibility, and each user has a role in preventing cyber threats. Every person should take these basic security measures to improve the organization’s cybersecurity.
1. Strong Passwords
Choosing a strong password cannot be stressed enough! Weak passwords are just as bad as no passwords at all, as they can be easily cracked by relatively simple hacking techniques. Strong, hard-to-crack passwords are normally the first line of defense against a security breach. Strong passwords generally cannot be found in the dictionary and include special characters or numbers.
2. Beware of Social Engineering
Not all threats come from online. The term “social engineering” describes a non-technical type of intrusion that relies mainly on human interaction – a scam or fraud, where people are deceived into disclosing valuable data, breaking the normal security procedures. Social engineering can take several forms, and is normally considered to be the easiest and most successful type of attack. One of the most traditional cracks is simply to call a person and ask them questions. Users should never divulge a password to anyone, including people who claim to be from customer service, nor communicate a password via telephone, e-mail or instant messaging.
3. Recognize the Importance (and Vulnerability) of their Data
One of the reasons social engineers are successful is because people are not aware of the value of the information they possess and are therefore not vigilant protecting it. Better security awareness by each individual facilitates businesses to safeguard their trade secrets and intellectual property, and decreases loss of productivity due to downtime.
4. Keeping Track of Business Data
In addition to keeping the information safe, protection of business data ensures compliance with relevant data protection rules and legislation. Employees downloading business documents to a public drive, attaching and sending unencrypted confidential documents from the workplace using personal (Web-based) email accounts, and downloading, storing and transferring unencrypted confidential documents from a workplace desktop to a generic USB drive are all examples of security risks that can arise in organizations involving negligent or malicious users.
5. Back Up Data
Data is one of the most important assets of the business; a lot of information, such as employee records, is irreplaceable. Users should plan ahead and back up critical data as preparation for worst-case scenarios.
Independent of the type of multi-layered defense one opts for to safeguard the corporate network, it must be combined with good judgment, common sense, and safe computing and safe Web surfing habits.
Author: Hazel Farrugia
You must be registered in order to write comments. To register as a new user click here.
If you're already registered, please leave a comment here