If you saw last week's thoughts, you, like many others, probably noticed that my face was just a bit sunburned from going kayaking for several hours and neglecting to apply any sunscreen. Sometimes we just don't pay close enough attention to things like we should. That's why your number one threat to the security of your business is, unfortunately, you and your employees, like it or not. Human beings are our own worst enemies online, inviting hackers, viruses, data breaches, data loss, etc. through seemingly innocent actions taken online every day. In most cases, this is done without any malicious intent. But if you as a manager or owner aren't monitoring what websites your employees are visiting, what files they're sending and receiving, and even what they're putting into company email, you could be opening up yourself to a world of hurt. That's because employees actions can subject the company they work for to monetary loss, civil lawsuits, data theft, and even criminal charges if they involve the disclosure of confidential client patient information.
Two things you can do to reduce your risk is, one, create an acceptable use policy to outline what employees can and can't do with work devices, email data and the Internet. That way, they know how you expect them to play it safe. Second implement ongoing security training like these cybersecurity tips to keep security top of mind and show them what they should be looking for and what they should avoid. Your service provider should also run phishing security tests and score your employees. That will truly show if they really understand how to spot a suspicious email and make them realize how easy it is to be duped, your service provider should be able to help you set up both the acceptable use policy and employee training.
