Keep cyber security top of mind for staff
Five practical ways mobile employees can help protect your business
According to Statistics Canada, more than 21% of Canadian businesses have been impacted by a cybersecurity incident which affected their operations. One-fifth of these were small businesses. As more devices connect remotely to business networks, companies that don't make security a key facet of their mobility management strategy could be courting disaster.
The effects of a cybersecurity incident can range from bothersome to catastrophic for business owners, and can be costly in many ways. Cyber attacks can be expensive and time consuming and may negatively affect a company’s reputation and erode customers’ trust. In terms of time lost, Statistics Canada states the average total downtime for businesses experiencing a cyber attack in 2017 was 23 hours, and included mobile devices, desktops and networks. Additionally, businesses can also be held liable if certain types of data are compromised, which can result in regulatory fines or even class action lawsuits.
As more work gets done outside the office on mobile devices, safeguarding against cybersecurity threats should be top of mind for all organizations, regardless of size. Businesses need to protect every device used for work while in the office or on the move—whether it’s corporately paid, BYOD, Android or iOS. Every device must be protected with advanced, multi-layered security technologies that block known and unknown threats, so your employees can securely connect to and download from any network, including public WiFi.
To ensure that your company’s tech is being used in the right way, you need to start with educating individuals using those devices — your employees. By properly educating staff you can transform them from potential risks into a robust first line of defense against cybercriminals. Here are five ways employees can help protect your business:
-
Be careful connecting to unsecured WiFi.
For employees who travel for work, or who work remotely, finding free WiFi at a coffee shop, in an airport or a hotel can feel like hitting the jackpot. Whether it’s an unsecured network or a secured network that requires a password or a login, public WiFi should always be used with caution. Ensure that employees understand that it’s always a risk to send sensitive information via public WiFi, and that even secured networks can be targeted by hackers. If possible, employees should use a virtual private network (VPN) solution to ensure that data is encrypted while being sent or received from a public WiFi network. Mobile security management (MSM) is another option for companies with mobile workers.
-
Show caution before you click.
From malware attacks and phishing scams to website redirects and Distributed Denial of Service (DDoS) attacks, hackers are becoming increasingly sophisticated in their methods. Employees need to look beyond the immediate red flags of misspellings and fake logos when watching out for suspicious emails. Before clicking on a link, the employee should hover over the link to see where the URL leads. Watch out for email addresses that might be close but are not exactly what they should be, such as an address ending in .co versus the more common .com or .ca. Additionally, employees should be suspicious of emails that request money, personal information or passwords.
-
Keep up with good housekeeping practices.
Changing passwords and updating software might seem like a chore for employees, but they may not understand how critical these pieces are to keeping a company safe. Implement policies requiring regular password updates for all mobile devices and company apps. Recycling or altering passwords should be discouraged because it introduces a security risk particularly if the same passwords are used in multiple places. If a hacker penetrates a password on one device or app, the possibility of “chaining” to access others using that password increases exponentially. Choosing unique, never before used passwords provides a much stronger front-line defense against hackers. Software updates often include patches to keep your network properly defended. Don’t let them lag.
-
Backup and store data properly.
Mobile workers who save everything on their devices and don’t use the convenient backup features available in cloud-based tools such as Microsoft 365 are inadvertently creating corporate security threats. Whether it’s a spilled cup of coffee destroying a laptop, a computer bag left in a taxi, or a ransomware attack that infects a device and locks out the user, keeping sensitive data on local devices is a risk. Backups are a good way to protect your company from potential data loss, from either a missing device or malicious hackers, so consider installing an automatic backup solution.
-
Make cybersecurity training a regular occurrence.
Rather than waiting for a breach to occur to refresh employee’s cybersecurity skills, make training a regular occurrence. This is as important for mobile employees as it is cubicle workers. Seminars are available to help staff develop good security habits, including what sort of networks to connect to while on the go, when to be suspicious of links, and how to safely access and store digital assets while working out of office. Educating employees on potential risks leads to a more alert mindset.
The good news is that you're already on the right path toward a more secure business. Rogers Business Internet customers benefit from built-in DNS security, which identifies and blocks known threats before they can do harm to your network, and customers using Rogers EMM solutions can fine tune the security of employee devices – including identity, apps, and content – using simple administrative controls. These tools combined with a vigilant mindset are a company's best defense against cyber attacks.