A common question we get asked is, do you think we need to train our staff about IT security?
And our reply, definitely yes.
Data breaches and hacks are becoming commonplace these days.
From small business right through to large multi-national corporations, no one is safe from cyber attacks.
There’s a wide range of information security protection available for a business, but the truth is most of the targeting is aimed at you and your employees.
So, it is crucial that everyone in your business understand the role they have to play in protecting your sensitive information and the data of your customers or clients.
Managed IT Services can provide a certain level of security for a business to protect digital assets and the data of their customers too.
But this doesn’t protect a business from someone clicking on a dodgy link in an email or creating an easy to hack password.
This has to come from constant security education and training programs and keeping up with the latest security trends.
And this is where Greendata can help your with your business IT security and cyber threats holistically.
Here’s some of the areas we can work on with you and your staff to help improve your data security.
IT Security Education and Training
Teaching or training employees about IT security shouldn’t be just mentioning “Watch out for clicking on dodgy email please” at your monthly meetings.
One of the first steps is making sure you prioritise your cybersecurity training and make it consistent and ongoing.
Greendata can handle this side of things for you with our face to face training and the more convenient, online security training.
We teach you and your staff how be more aware of potential threats old and new.
Everyone is held accountable to each other once everyone has the correct knowledge.
Onboarding of new staff should also be a big priority to a business.
We can also help you with this process in regard to IT Security too.
It’s more these days than just giving a new employee a new mobile, laptop, email address and a vehicle.
If they know the business security policy right from the beginning and have completed the security training, this should help mitigate disasters from happening.
After the initial security awareness training is complete, new staff members are on the same page as everyone else in your business.
Downloading Software and Apps
Another area that’s forgotten in security education is the area of software and apps.
They are so easily accessible now on all devices throughout a business.
Do you know what you can and can’t download onto your computer, phone or other devices?
Does your staff know?
Do you have people bringing their own device (BYOD) into your business?
Are all your devices covered with the same virus or security protection?
You can bet your Gran’s house on it that if you don’t know the answer to any of the above, your employees won’t know either.
Downloading any old app or software into your devices can be fraught with danger.
This is due to the potential risk of malware and dangerous links lurking and waiting for a download and then a click from an unsuspecting employee.
Virus protection, rules and guidelines covering downloads should be implemented and added to your IT Security Policy or your security documentation.
Again, one click on a dodgy app that adds a nice filter to the photos you took of your work fishing trip or saying “Yes” to sharing information during the setup of the software can have the potential to take your whole system down.
Not for a few hours either.
If you don’t have backups you could be down for weeks or months.
Picking the right Passwords
An often-overlooked security risk area is password creation.
And this is mainly due to the volume of passwords that are needed.
Passwords for work are usually not thought of as “that important” as an employee, and can often be very simple.
Who are we kidding?
Even some owners of businesses we work with have had absolutely shockingly easy passwords.
This can play into to the hands of the naughty people that want to get into your system and get their hands on your data.
Using the same password for everything you have to log into is dangerous as well.
Password education includes choosing the right passwords and also the importance of implementing a policy of changing your password constantly too.
Here’s some quick password tips for you;
- Make sure your password is long enough. At least eight characters is great.
- Use different character sets for your passwords. Uppercase, Lowercase, symbols and numerals should all be used somewhere in your passwords.
- Try not to use complete words. It may be easy for you to remember, it’s also easy for a hacker to crack.
- Make sure to change your password regularly. This can be setup as a policy in your system reminding all to change.
- Don’t use your favourite password across all of your accounts and website logins. Once they have it, they can then get access to all of your accounts and cause havoc.
Passwords can often be the first line of defence, make sure you make them strong for all of your accounts.
Also make sure to use Multi-Factor Authentication whenever you can (Greendata can help you with this also just call us on the below).
Backups of your data
The importance of backups and disaster recovery cannot be understated.
If your system goes down for whatever the reason and you have backups, you have a reset point.
Many don’t back up every device in their business either.
But as we’ve mentioned above, if the unthinkable happens and you don’t have a backup that can be reinstated quickly, you’re in trouble.
In regards for training in this area, it centres around knowing when to save and where to save.
If you and your employees know the reason for the backup system and saving files in a particular place, they’ll be more likely to follow it through.
So, it’s not only emails that need backing up, your files from all devices do too.
Spam, Phishing and Social Attacks
Perhaps the most well-known security issues are spam mail, phishing attacks and more recently social media attacks too.
There are many reasons for these types of attacks including getting into your system and also having access to your personal information.
It only takes one click of a spam email or phishing email link or trying to open a file attached to an email and your whole network can be compromised and taken over.
Once in, they can pretty much do what they want.
You wouldn’t even know they are there until they let you know or some crazy things start to happen.
Employees need to be educated on these issues to protect your network security.
This can include some of these:
- never clicking on links in suspect emails
- being wary of emails with attachments from people you don’t know
- not clicking on ads in emails and the identification of the dodgy emails in the first place
Further to this is being wary of people you know sending through unexpected emails with attachments or amazing offers of free stuff.
We’ve had clients sent an INV attachment from a customer that was unexpected.
They then try to open the PDF and in doing so, they’ve allowed entry to their whole system.
Social attacks are happening now too.
Poaching of information from employees via social media, clicks on ads that are linked out to dodgy websites are happening all of the time too.
You can never be too careful with human error security.
The best way to combat these cyber attacks is to be wary of them and also have a decent spam filter installed for emails.
And, of course constant refreshers and reminders that these attacks happen helps.
That’s where Greendata can come into bat for you again as you’ll read below.
Ongoing Refreshers and Updates
Updates doesn’t just mean updating your software and apps (although this is very good to do for your IT security as well).
Training on why IT security is important as well as being kept up to date on new developments and scams helps to keep your business locked down and safe.
Ongoing training and refreshers is the only way to do this to keep you and your staff up to date and aware.
Committing to a wide variety of approaches of education can help get your whole business on the same page in regard to cyber security.
Once everyone is aware, watching and monitoring, you have a better chance of staying safe.
Does your need staff IT Security training?
It is easy to blame staff if the unthinkable happens, but have you trained them?
Even if it’s you who clicks the link that plummets your business into the hacked abyss, have you been educated and do you have a system backup that can be reinstated quickly?
Did you even have the right level of protection for your business in the first place?
These are some of the initial questions you should be asking yourself.
If the answer is “No” for any of these, you need to get the ball rolling with an IT Security check up with Greendata.
After the consultation we should have a clear idea of where you’re at with your IT Security.
The usual next steps are making sure your system is secure and all of your devices are secure.
Then the IT security education can start and then become ongoing.
It may require that we help you setup your IT Security Policy and IT Security Incident Plan after the first consultation too.
IT security for a small business carries the same importance for a medium and a large corporation.
The consequences are the same for all if your system is compromised.
The Security Now Package is the Greendata’s next level of business security for our clients.
So, if you’re a current Greendata client, it may only add an extra $10 per user per month to your account as part of the upgrade to the Security Now Package.
Want to upgrade and your reading this on your phone?
Click the button to call us now.
If you’re new to Greendata and just really worried about your data and IT security, start with a consultation.
Then we work out where we’re heading from there.
An appointment or call back can be setup easily, if you’re on your phone just click on the button below.
If you want to book, just click on the appointment button below and lock in a time.
Finally, you could just leave a message here on our website via our Contact Page.