A huge barrier for many businesses today is finding the time and a budget to commit to educating employees about subjects that are not relevant to the industry. To explain further, you may be operating a travel business that is largely online – you spend most of your education budget on teaching employees about how the industry works but not on subjects that are not related to travel. One such topic that is often overlooked or never seems to find room in many company budgets is cybersecurity, yet, this is arguably one of the most important.
Teaching your employees about cybersecurity helps not only to secure your business but also gives the employees an idea of just what the risks are of being too brave by ignoring basic security.
However, we understand committing a budget towards educating your employees on this subject can be costly. Some of the companies that come in to teach this subject go into far too much detail and end up taking up half a day and often more time than this plus they are expensive.
Realistically all you need to do is make sure that your employees know the basics and we can give you those basics right here in a few brief bullet points. Take these points and send them in an email company-wide and make sure you get every employee to confirm he/she is following these cybersecurity processes – then administer a small test the next week to see how many of your employees have taken heed of these suggestions.
- Change your password every month – the password should be 10 characters in length use capitals as well as numbers, and it must not be a common word.
- Do not connect to public WiFi routers without a VPN – one of the issues with public WiFi is that they are hubs for hackers to access smartphones, tablets, and laptops. Tell your employees to check out using VPN software like express VPN gratis.
- Use encryption and password on sensitive files – sensitive files should always be password protected. Excel spreadsheets with sensitive customer information on them should use the excel password protection option.
- Do not send passwords and URLs in the same email – some people will send access information to areas of the company intranet or web-based systems in a single email. Instead, they should always use two different forms of communication. This could be something as simple as emailing the link to logon and using SMS for the username and password.
- Make sure anti-virus is installed – check that everyone is using anti-virus on their computer. If there is no anti-virus, then ask the employee to flag this issue so it is installed.
- Password protect USB keys – passing on information or storing it on USB thumb drives is risky because they can get lost easily. That said, it is perfectly OK to do this as long as the thumb drive uses encryption software.
These 6 suggestions are very basic and just the start to protecting your business from cyberattacks. If you want to learn more, then check out the 10-steps-to-cyber-security here.