It is important for all employees in an organization to understand their roles and responsibilities when it comes to safeguarding sensitive data and protecting company resources. In order for employees to be successful, they need to be trained in security policies and practices they are expected to follow.
How can your employees help protect an organization when it comes to cybersecurity? Here are five tips we use at Cambridge Trust to create a safe and secure workplace:
- Develop clear policies and procedures of what employees can install on their workstations. As a best practice, users should not be permitted to install software without the appropriate authorization. There should be a centralized process to manage the installation of programs. Having a centralized process, makes it easier to manage an accurate inventory, patch and update critical programs, and manage security risks.
- Create a policy of complex passwords. The easiest and most effective way your employees can protect your data is through the use of complex passwords. Passwords should contain a mix of uppercase and lowercase letters, numbers, and symbols. They should be changed routinely and kept private. Sharing or writing down passwords should be against the policy.
- Train employees to identify malicious links and attachments. Employees should use caution when opening emails and not open anything from unknown sources, including links, attachments, tweets, or ads. They should also be instructed about your organization’s spam filters and how to use them to prevent unwanted, harmful email.
- Review the data storage strategy. Employees should be trained to store documents on a shared drive or machine that is backed up every night in the event that a file is accidentally lost or deleted.
- Encourage employees to be alert. Employees should report strange activity to the appropriate party. This can include a slow machine or unwanted programs running and be a sign that the machine is infected with malware or a program that is attempting malicious behavior.
By taking the above steps you should have a reduction in risk and an increase in your employee’s awareness of the cybersecurity issues you’re facing.