Hyve logo

Discuss your hosting requirements with us today

The human element of IT security

What role do employees play in an organisation’s cybersecurity defences?

Hyve Managed Hosting

featured image

How employees are often the weakest link within a business

Cybersecurity should be at the forefront of every IT manager’s mind when running a business. But no matter what protocols you put in place, your security solution will only be as strong as your weakest link. 

Let’s look at why your employees can be the biggest security threat to your business.

Falling for phishing scams

Email scams are the most common phishing attack that a company tends to encounter. Emails that appear to be from reliable sources are sent to employees with the intent of convincing them to download malicious software or hand over sensitive information.  

According to a report by vpnAlert, Google and Facebook lost $100 million to a single phishing attack in 2 years. This staggering statistic should be enough to incentivise employers to put measures in place to reduce phishing scams. 

Many workers believe that the necessary safeguards are in place to protect them from phishing attacks, yet hackers are always evolving. The technology of a company may not always be up to date with the increasingly sophisticated phishing assaults and link frauds. All the while employees depend on the company’s IT security, they are a last line of defence and must be trained to identify the warning signals of a cyber assault.

Using the same password for multiple platforms

Companies use a number of resources to assist employees with general tasks including email, project management tools and accounting software. Password management doesn’t usually make the cut in the ‘basic tools package’ and is often a second thought. 

Employees should be taught the fundamentals of password awareness, including how to create a unique, secure password, the importance of changing passwords regularly and the importance of using different passwords across platforms. Implementing a company password policy and introducing a password management tool, such as LastPass, can break the cycle of bad password habits.

Laziness and carelessness

Laziness and carelessness by employees can result in small mistakes with large consequences. Misdelivery of information, failure to keep software updated and incautious use of public networks can all increase vulnerability to cyber assaults. After the pandemic, the number of remote job roles has increased in line with the bring-your-own-device trend, which can be a gateway for foul play. Employee awareness is more important now than ever before to ensure cyber safety whilst working from remote locations without direct oversight of IT support teams

What can you do as an employee to stay secure?

Completing quick and simple safety checks prior to installing applications and programmes can reduce the risks involved, such as:

  • Check the website address, and then check again

Look for either HTTPS at the beginning of the address or a lock symbol. These sites are secured through SSL/TLS encryption and have a certificate to prove this. Take another look at the domain to ensure it is the site that you think it is. 

  • Use active virus and malware scanners

This software can scan files before installation and prevent you from downloading files that contain viruses and malware inside them.

  • Try to avoid giving personal information such as email addresses during installation

How can we address the employee dilemma?

It’s important to note that the human element of IT security is less about deliberate untoward actions of employees than innocent mistakes made by people who fail to apply basic security training, or who fall prey to malicious phishing emails.

To ensure employees don’t fall into this trap and risk exposing sensitive company data, there must be clarity and transparency about security policies and why they exist; otherwise, it’s easy to ignore them. 

The ability of employees to recognise and avoid potential hazards is increased by implementing frequent security training across all roles. The risk of being exposed to threats is reduced by utilising updated technology and a proactive, trained workforce. Your organisation will be better protected from the rising number of cyberattacks with excellent security practices and modern infrastructure.

For more information on how you can secure your IT infrastructure, contact [email protected] today

 

Get cloud insights to your inbox

Email icon
Alert icon
check circle

By submitting your email, you consent to the processing of your personal data for the purposes of receiving Inbox Insights emails. View our privacy policy for full details.

Insights related to Blog

The Overlooked Ways a Managed Service Provider Supports Your Business
Read our insight
How Hyve intends to win over German SMEs
Read our insight
telephone
Background image

Get in touch

Alert icon
check circle
Alert icon
check circle
Alert icon
check circle
Email icon
Alert icon
check circle
Lock icon

We don't send spam to our users

Alert icon
check circle

0 of 4000 max characters

telephone