Since June is Internet Safety Month, there’s no better time than now to take the proper precautions when it comes to cybersecurity for your employees and business. Did you know most ransomware threats arise from either malicious emails or a malicious website? With the overwhelming amount of jobs reliant on the World Wide Web, every business should have processes in place when it comes to internet safety. The following are a few tips to ensure you and you employees stay away from misadventures with the internet.
Steps to prevent phishing scams
First, let us understand what phishing is. An event of an online miscreant trying to fraudulently attain confidential information about the user, like, usernames, passwords and credit card is called phishing. These scams are done using disguise, where the scammers pose like a trustworthy entity. They use emails and SMSes to direct users to a fraudulent website posed as a renowned one and lead them to enter their personal details. Following are a few steps to be taken to prevent phishing within your organisation
- Making sure all employees are aware of what a phishing scam is and how to avoid it – is the most important of all the steps. This would be the perfect time to hold a seminar that teaches your employees about some do’s and don’ts relating to online safety.
- Create discussion- and help-forums to allow employees to report suspicious activity. It is also important to highlight the typical symptoms of a phishing scam to help them identify these suspicious activities.
- Implement a trustworthy antivirus software company-wide, to help reduce the threat of malware, spyware, ransomware and various phishing attacks.
- Keep all company computers and laptops up to date and make employees aware of when they need to conduct software and system updates.
Steps to control all portable media
Portable media can be a source of high-risk ransomware and malware.
When these devices are plugged into computer systems outside the office network (ones with less sturdy securities), there are chances that you can unknowingly copy a malware. This malware is then launched automatically, right when it is inserted into the office network computer. The portable media malware attacks are more dangerous than network-based attacks. This increased risk is because they can install malware inside of office firewalls and can be detected by only when major damage is done. Thus, it is very important to understand the measures to be taken for portable media within office premises.
- Portable media include cell phones, thumb drives, SD cards, and CD’s or anything else that could be used to download a saved file onto a different computer or device.
- If any of these media devices get lost or stolen, important and private information could be exposed.
- Create a management program for employees who are using any company-owned portable media. This system should hold people accountable and be highly secure.
Steps to implement appropriate access controls
Access rights form an important part of ensuring internet safety within the office. Based on the roles of the employees, access to proprietary and sensitive data should be restricted. Access control regulates who in the organization can view, edit and use computer resources. These controls minimize internet security risks. These access controls can either be physical – that relates to the physical location of an employee or be logical – department based, hierarchy based, etc. Organizations can use systems like the entry of user credentials, card readers and auditing to track unauthorized behaviour. Following are a few tips to follow to ensure access security.
- Not all employees have the same titles or job duties; therefore, not all employees should have full access to all company systems, devices, or programs.
- Make access exclusive, secure, and limited for certain employees to use.
- Follow protocols for all company-owned property and be sure to check on if it’s secure and safe for employees to work with.
To conclude, it is important to be well aware and prudent about the above three ways your organization’s system security can be threatened. Ensure every employee is well aware of what phishing is, have strict policies on controlling access and usage of portable media – these can go a long way in cybersecurity for your organisation.