We all have a role to play in keeping company data safe, whether that is employee, customer, or product data. A large company may employ IT professionals, or a small business may employ a single freelance consultant to handle more technical aspects of data security. However, there are everyday steps that all employees can and should follow to help keep company data secure.
Here are some things you and your employees can do today to help make sure data remains secure.
Physically locking information
If you have forms, products, expensive equipment, or any physical items that are valuable or contain secure information in your office or other physical space, lock those spaces. This simple measure can range from adding a lock for a storage or filing cabinet to keypads or card access locks for doors.
Also, employees should lock their computers and phones any time they step away from their computers or smartphones to prevent strangers or disgruntled employees from accessing and sending information without consent.
Passwords
The simplest way for hackers to get into a company’s systems is to find a password. The longer and more complicated a password is, the better.
Norton recommends the following for creating a secure password:
- Mixing upper and lowercase letters.
- Mixing in numbers and special characters.
- Avoiding real words or phrases.
- Avoiding identifiable information like dates or cities.
- Avoiding the repetition of passwords.
- Passwords should be at least 16 characters long.
It can be a challenge for employees to remember all these different passwords. Unfortunately, storing all of them in an Excel sheet on your computer is no longer a viable or secure option. Here are some tips from Gartner about ways to manage and remember all your different passwords.
Phishing scams
Many data breaches result from individual employees being phished — thus, the perpetrator gaining access to company systems or other passwords.
Scammers try to get your personal or business information by sending emails masquerading as a legitimate business, maybe one you work with or for. Most companies will never call or email you asking you to provide personal information unless you request that they do so. If an email looks and sounds too good to be true, it usually isn’t true. Here are some tips to help you spot and avoid phishing scams.
- The email is from someone you do not recognize.
- It contains a call for immediate action.
- Spelling mistakes appear in the title or body of the email.
- The email contains hyperlinks.
- Generic greetings are used.
Train your employees on what to watch out for
Ensure your employees know what to watch out for regarding phishing and other attacks. Check the sender’s email address if you see an email you suspect is a phishing scam. If it looks fishy, for example, if the name of the sender and the name in the email address don’t match, or the company name doesn’t match, it is probably a phishing scam.
It is essential to provide training to your employees on what to do if they come across a potential phishing scam, for example:
- Don’t open the email.
- Don’t click on any of the links.
- Don’t send personal information over email.
- Make sure your pop-up blocker and security filters for email are turned on.
Avoiding phishing scams is one of the most important things employees can do to help keep the company secure.
Transferring data securely
Data is often the most vulnerable to being intercepted or attacked when it is being transferred across systems, where it may not have as much protection. While employees can take many simple steps to secure data, it is harder to do that while transferring data across or within systems without expert help. Data Sauce offers expert help with their data migration services to ensure your data is transferred securely.
Conclusion
While technical know-how for IT security is essential for any business, the front lines of data security often fall squarely on employees’ shoulders. Even the most advanced security software may not work if your employees are not vigilant. Make sure that your employees are trained in and follow these simple practices to keep your company data secure!