We’ve compiled the five most important cyber security tidbits for employees. Take a look:
1. Keeping a Clean Desktop and Mobile Device
The first order of business is to make sure your digital devices and work space are clean and secure. This means:
- Reduce or remove desktop clutter, stray files and changing information ends. Keeping a clean desktop and mobile device is vital to maintaining a tight, secure business area. Your desktop and mobile hygiene should extend to emptying the recycling bin, keeping deleted files low in number and updating often.
- Install software updates on all internet-connected devices, and set up automatic updates. Sometimes, automatic updates aren’t engaged immediately. Whenever new desktop and mobile updates become available, notify the IT Services (ITS) department to get up to date. If you work with your own private devices, it is highly recommended to strategize with our department. In addition, discuss antivirus and anti-malware solutions with our administrator, and focus on a streamlined approach to device protection.
2. Using Good Password Practices
That said, you can secure your workplace by choosing wise password practices:
- Make strong, unique passwords for all accounts. Everybody needs to understand the importance of making strong, unique passwords to protect all of their accounts. You should create passwords that are longer than 8 characters in length, have a combination of letters, numbers, and special characters, and should not contain “guessable” words and phrases. For additional tips on how to create strong passwords, you can also look at this password creation guide.
3. How to Identify Suspicious Links and Emails
Unfortunately, we live in a world of phishing emails, malicious links, sketchy websites, and malware. Phishing attacks are rampant, and you’ll absolutely need to know on how to identify these signs of a phishing email:
- Check the email display name. Never trust an email’s display name. Email display name spoofing is very common, and it’s destroyed hundreds of big brands from the inside out. If a fraudster wants to spoof a brand, they’ll hide behind a fake, yet similar, display name. Check every email’s header address, rather than trusting a display name blindly. If you are not sure about a email, either delete it, or call for assistance from our ITS department.
- Check for spelling errors. Examine every message’s salutation, too. Any urgent content in an email’s first line, too, should be reported, and any in-body links should always be subject to workplace clearance before they’re expected to be clicked.
- Don’t respond to the “urgency” trick. To encourage you to click a malicious link or share sensitive information promptly, a hacker will often use language in their emails that creates a sense of urgency. In this case, you should always validate or report the email to an IT administrator before performing any additional actions.
4. Backing Up Work and Protecting Sensitive Documents
It’s important to keep multiple copies of vital documents, but it’s even more important to ensure their storage. Workplace computer crashes, virus infections and even hardware destruction can happen. Data loss is often unexpected.
- Storing sensitive information properly. Try to avoid storing sensitive information directly on the work computer’s desktop, in a Word document, an Excel sheet, or other unencrypted files and folders. Remove sensitive information from your phone’s Notes app. Sticky notes, stray paper, and other writing platforms should never contain important information, like passwords, email addresses, usernames, etc. Important physical documents and removable storage devices, like flash drives, should be locked in a filing cabinet when not in use.
- The fundamentals of file backup. It’s important to keep multiple copies of vital documents, but it’s even more important to ensure their storage. Our employees drives on the computer are frequently backed up. Therefore, save important files under your drive.
5. Reporting Data Breaches and Cyber Threats
In any workplace, communication is absolutely key.
- Report suspicious programs or activity immediately. Along with suspicious link reporting, email security and online judgment, any sign of malware, adware or viruses should be reported on the spot. While, presumably, your workplace’s computers are outfitted with anti-virus software, they’ll still send up a red flag when suspicious activity occurs. Before you file an in-house report for every email, we suggest that you report it directly in your Gmail. To do so, open the email, click next to the Reply , the Down arrow . Click Report Phishing. They then isolate the threat, neutralize it and immediately determine its origin. For every other virus or threat, don’t hesitate and report it to us.
- Quarantine the virus and remove it as soon as possible. Some anti-virus software kits come with a “quarantine” option to reduce a potential virus’ threat and give an opening for examination. This approach can be useful, but don’t place your workplace in unnecessary risk by keeping shady files and programs around. Again, keep everything clean.