Employees: Your Strongest Or Weakest Link In Cybersecurity

Larry Alton

A business organization can come up with detailed and advanced cybersecurity strategies, but it’s impossible to fully secure the business without help from your employees. And in many cases, employees prove to be the weakest link in the chain.

It all comes down to your people

Hackers are actually less of a threat than the employees you’ve hired and interact with daily, according to a study by Shred-It, a leading information security company.

According to the report, 47 percent of business leaders say human errors – such as accidental loss of a device or document – have led to data breaches within their organizations. The report surveyed more than 1,000 small business owners and executives in the United States, suggesting that efforts to strengthen your cybersecurity may need to center on your employees.

“Many of the most dangerous offenses by employees are things that they might not even think about as risky behavior,” CNBC reports. “A surprising number of workers surveyed by Shred-it admitted to bad security behavior at work; over 25 percent said that they leave their computer unlocked and unattended. Even taking notes on paper, or leaving papers out on your desk, can have unintended consequences.”

Fortunately, 78 percent of executives and 28 percent of small business owners plan to train their staff on better information-security policies and procedures in the coming months – and there’s nothing stopping you from doing the same in your organization.

How to empower your employees

Getting employees to understand the significance of cybersecurity threats is a start. But you also need to implement specific rules and processes that set your team up for success. Here are some suggestions:

1. Invest in thorough training

The right time to train employees on cybersecurity policies is when you onboard them. In doing so, you set clear expectations and provide a baseline of knowledge that can go with the employee throughout their time in the organization.

But training shouldn’t be limited to an isolated training session on the first day of work. Regular training should be implemented to keep employees on top of evolving threats and new processes.

2. Use the right tools

While there’s certainly a behavioral element to cybersecurity, there are also plenty of proactive steps you can take to ensure employees don’t find themselves in compromising situations.

Adopting a comprehensive small business security software solution is helpful in creating a sturdy backbone and generous safety net. Norton Antivirus is one good option.

Top10.com explains, “The program warns the user prior to downloading something that could be a threat, monitors apps and social media to screen out privacy risks and other threatening behavior, blocks spam from employee inboxes, remembers and secures usernames and passwords, and can locate lost or stolen devices and lock – and wipe – them remotely in order to keep data secure even in the event of theft.”

Again, you don’t want employees downloading risky apps, opening up spam emails, getting lazy with passwords, and leaving devices out in the open, but it’s nice to have some additional security mechanisms to protect you in situations where someone might be forgetful or irresponsible.

3. Establish strict remote working policies

The Shred-It study shows that 86 percent of C-suite executives and 60 percent of small business owners are in agreement that the risk of data breach is higher when employees work off-site than when they’re in the office.

To reduce your risk, make sure you have policies in place for how employees use company devices, access company information, communicate, and share data. It might be slightly cumbersome, but it’s better to be safer than sorry.

Prioritizing cybersecurity to the fullest

There are times when it may seem easier to focus on the tangible components of running your business – like reviewing sales numbers, shaping your advertising strategy, and meeting with clients to close deals. But don’t push cybersecurity to the back burner.

Even though much of the day-to-day happenings occur behind the scenes, strong security is equally as important as the elements of your business that require direct interaction and yield tactile responses. Empower your employees, hold them accountable, and stay the course.

For more on security strategies, see How To Protect Your Business Against Insider Attacks.

About Larry Alton

Larry is a freelance marketing & technology consultant with a background in IT. Follow him on Twitter @LarryAlton3.