Your Most Loyal Employees Could Be Your Company’s Biggest Security Risk

If your business is like most today, you rely heavily on technology to accomplish your work. You have also spent a great deal of time and money making sure that you have good cybersecurity practices in place. While things like an up-to-date firewall and careful control over who has access to various assets are vital components in a secure network, very often individual workstations (your employee’s desktop and laptop computers) are weak links. These assets pose a significant risk because users are often trying to get their work done quickly and don’t always understand the security implications of their actions. In fact, human error – mistakes and accidents caused by employees that simply don’t know better – continue to be the leading cause of data breaches.

Due to constantly changing threats and increasingly sneaky cybercriminals lurking for unsuspecting victims, securing employee workstations is more important now than ever before. But, how do you assure that staff members can still meet their daily work objectives while keeping confidential business data safe? Read on for our advice about locking down your company workstations to prevent damaging security breaches.

How do I know if cybercriminals are accessing my network?

First, let’s consider some telltale signs that the “bad guys” have already accessed your network through vulnerabilities in your cybersecurity systems. The obvious sign that security has been breached will be the presence of pop-ups and applications on a workstation that the employee does not remember installing, but that are now seemingly taking over the computer.

Unfortunately, not all rogue software shouts about its presence. Many viruses quietly install in the background and may even lie dormant for long periods of time until activated from a remote location. If not caught by a comprehensive antivirus solution that’s running on a regular basis, these harmful applications can provide your confidential data such as financial information, passwords, and client contact lists directly to thieves. Often, no one in your company even knows a breach has occurred, and the disaster may not be discovered right away. This is why the most damaging breaches are often the ones you do not realize have occurred.

Who are these cybercriminals anyway?

So, who are you letting in through the holes in your company’s cybersecurity solutions? Sometimes thieves are merely amateurs (bored teenagers) who are just trying to be disruptive. But, more likely, off-shore cybercriminal rings and micro-terrorist organizations are to blame. They are not just playing around, and are looking to steal actual money from your business. You must use every cybersecurity tool available to minimize your business’s exposure or risk tangible losses. Moreover, if you are a smaller business with fewer IT resources, you may be a particular target.

Ten tips for “locking down” your company’s workstations

1. Make sure users do not have any higher levels of access on their individual computers than they need for accomplishing their work. Administrator privileges should be granted
2. Make it company policy not to allow free or pirated software onto your network. These applications are more likely to have malicious embedded components that search for passwords and credit card numbers and can launch attacks from your network.
3. Make sure you have good quality, up-to-date antivirus protection installed on each PC and laptop.
4. Make sure you have good quality, up-to-date anti-malware solutions to complement your antivirus protection. Anti-malware examines websites that your employees are visiting and can block phishing websites. These nefarious sites, which can look astonishingly authentic, attempt to trick users into submitting sensitive data like account numbers and login credentials for the real websites they imitate—like that of your bank.
5. Keep all your operating system (Windows, Mac OS) software updated with current patches and security updates.
6. When workstations are no longer able to be updated due to unsupported operating systems, perform upgrades or replace. Replacement may seem expensive, but it could save you from a much more costly data breach.
7. Keep all third party software updated with patches and bug fixes released by the manufacturer.
8. Enforce an Acceptable Use Policy and make your staff aware of the risks of not governing themselves appropriately while using their computers. Some training may be required to educate employees on what appropriate governance means.
9. Never share or reuse passwords. An automated process that forces employees to change their passwords every 60-90 days is beneficial. Assure that everyone is using complex passwords containing a combination of letters, symbols, and numbers.
10. For users who need remote access, make sure you have the most secure solution possible. Hijackers can intercept information as it is being transmitted between your network and your remote user if these connections are not protected.

Mobile Devices are Also at Risk

Asking employees to be more careful about where they keep their laptops, phones, and tablets is an excellent first step in making sure these devices are secure, but accidents happen, and thieves are always on the prowl. That is why it is so important to take measures to secure any mobile devices you and your staff use to access your company’s network. A few key points in a mobile device security plan include:

Encrypt All Information – On laptops, drive encryption software such as BitLocker can secure all the data on your hard drive. On phones and tablets, encrypting data may be as easy as setting a passcode or fingerprint scan to unlock the device.

Multi-Level Access Security – Setting a strong password on your laptop, and a passcode on your phone and tablet is necessary, but consider putting two-factor authentication in place to prove your identity. If you have a fingerprint scanner on your device, this is helpful, or require a text message to your phone to unlock your computer, for example.

Log/Back-Up Information – It is critical to log and back-up all information on business laptops, tablets, and phones regularly in case these hardworking devices get destroyed.

Plan for Losses – What happens when an employee loses or accidentally destroys a laptop? If you do not have a specific action plan in place on how to deal with these unfortunate certainties, you need to create one immediately.

There is indeed a lot to remember in assuring that your employees are helping to keep your electronic assets and data secure as opposed to hindering your business’s cybersecurity. If your head is swimming or you know that you need a better plan, but don’t have time to deal with it, contact us for a free Lockdown Assessment now. Technical Action Group is ready to respond to all of your business’s cybersecurity needs.