A constant barrage of news about major data breaches at companies like Sony Pictures, Target, Home Depot, eBay and others has many company officers, including CISOs, on edge about the possibility of a hacking attack on their business. It is an understandable concern since hacking is on the rise worldwide, and no company is 100% safe.
Employees are typically the weakest link in the security chain. No matter how secure the on-premise or cloud server environment, if an employee or vendor uses weak passwords or falls for a phishing fraud or keylogger fraud and gives up login credentials, company data is at risk. So how can you keep your sensitive information safe? Here are three tips that can help you improve cyber safety:
Require employees to use strong passwords on all devices.
Many high-profile hacking incidents begin with a compromised password, so make sure employees create passwords with upper and lowercase letters, numbers and symbols. Also, make it a policy to use a separate password for each site and to change it every 30-60 days. A good password management system like RoboForm can automate the process and eliminate the need to remember multiple passwords.
Educate employees on best practices and provide ongoing support.
Passwords are not always cracked due to carelessness; some employees simply do not know how to protect themselves online. That is why it is a good idea to sponsor training to help team members learn how to manage passwords effectively and avoid falling for phishing and keylogger frauds. With ongoing support and the right resources, employees can keep company information safer.
Make employees accountable for cyber security.
Once everyone receives the training and resources they need, hold employees accountable, including managers. Provide a detailed online security manual that outlines your policy, and make sure employees sign an acknowledgement form after training to indicate that they understand how to stay safe online and will abide by company policies.
CISO play a key role in managing risk and keeping data safe, and your responsibility extends beyond your immediate direct reports. By making sure employees know how to operate safely and giving them the tools and resources, they need, you can help to keep your company sounder in an increasingly risky cyber security environment.
About the Author:
Bill Carey is Vice President of Marketing & Business Development at Siber Systems Inc., which offers the top-rated RoboForm Password Manager solution.