What are the top 3 security mistakes made in businesses

Security is a big concern for organizations today. Especially since many businesses are working partly/fully remote. Cyberattacks are increasing steadily, and becoming more intelligent. Unfortunately, antivirus software, firewalls, and encryption can only go so far. With almost 90% of all attacks resulting from human error, it’s easy to see how the attackers can slip in the back door.

Here are the top three mistakes employees are making, and what you can do to help prevent these mistakes from happening at your workplace.

Recycled passwords

This one continues to make the top of the list. Unfortunately, employees often have to log into several systems at work, not to mention all the ones at home. There are only so many “good” passwords that go through a person’s head and trying to remember computer-generated passwords in nearly impossible. 

People tend to go one of two ways — they either pick the perfect password and reuse it for every account they have, or they pick the perfect password and put it on a sticky note under the keyboard. Neither of these is a great option.

Have your employees spend time picking new passwords, using a combination of upper and lowercase letters, numbers, and special characters. Remind them often about the importance of using different passwords for each system. Set up an expiration so that they have to choose new passwords every 30, 60, or 90 days. Frequently changing the password will help mitigate risk. Also, monitoring your network for attacks can stop them before they start.

Lack of executive adoption

One of the primary reasons that cybersecurity was developed is because of the lack of executive driven security minded culture throughout the business community. This has been shifting in the last few years due to cyberattacks that have had a significant impact on the unprepared. 

The first thing an organization must do is to decide that they will protect their organization by governing security as they would any other business strategic component. Certainly this can seem daunting due to all the things to consider and to govern, but it doesn’t have to be. If you find the right managed security provider, it becomes simple.

Lean on the experts and you can adopt the right balance between internal and external expertise similar to your corporate accountant or attorney. Want to learn more about how IND can help with the heavy lifting in this area to drive a culture of safety and security? Contact us today for a free security readiness gap analysis.

Internal security issues

As if it’s not bad enough that companies constantly worry about cyberattacks. They also must keep an eye on the workplace itself as some attacks come from within their own walls. 

Employees leave their desks for any number of reasons during the day, often forgetting to lock their computers before they go.  Visitors are often in the workplace and can unintentionally get hold of information they weren’t meant to see, passing it on to someone who should not see it.

Make sure employees lock their computers and clean up their workstations before they leave their desks. The extra few minutes can save the company from a big headache later on. Make sure the company has a managed security plan in place to monitor for these attacks.

Keep your employees aware of the latest attack activities in the workplace. Make sure new employees go through a cybersecurity training class when they start their employment and be sure to refresh that training with current employees once a year. The more knowledge your employees have, the less likely your company is to be attacked. 

Start taking action

Your company needs the right kind of cybersecurity to ensure your employees are up to date on current practices. Prepare your business and know what to do before any mistakes are made that could cost your business money. IND will help you develop a backup plan for the worst-case scenario. Contact us to learn more about how we can help.