Train your staff: Your first and best firewall
Protecting your organization against cyber threats can seem like a challenge that involves extremely high-tech wizardry, sophisticated knowledge etc.. Much of this is true. Protecting your data and your company against cyber threats requires skilled professionals. But that isn't only what is needed. The first line of defense in data security is everyday common sense and diligence on the part of everyone who works in your organization.
The first challenge in beefing up your data security is creating awareness among all of your employees that they really do have a serious role in data security. Many of the ways they can protect your data are simple, but until they are aware that they may represent a threat to data integrity they won’t take their role in protecting your company seriously. Provide training that both explains that their actions may unknowingly create problems, and then review what they can do to avoid trouble.
Training should not end. It should be an on-going focus in your organization.
Passwords Part 1 Remind everyone that simple passwords are unwise. Does your company mandate a certain level of complexity in password creation? Maybe you should.
Passwords Part 2 - No password sharing. We tend to trust most of our colleagues, so when logging in and out seems a nuisance, we are often willing to let a peer use a database we’ve already logged into so they can do some simple, quick task. Not a good idea.
Email and phishing scams - These are really easy to fall victim to. Emails that look like they are from a legit source, so we open them up and then click on a link inside. Explain that emails can be made to look like what they aren’t. Always be suspicious. Look at the email address to see if the domain matches the legit site.
Odd links - If someone you know sent you a link to a site, unless you absolutely know the email is legit and the link is safe, let it go. Email them back to verify.
Lonely hardware - Remind everyone: Never, ever put a thumb drive into their computer unless they know where it came from. No matter how much one knows better, if you find a thumb drive sitting on a desk, it can be extremely tempting to plug it in to see what’s on it.
Don’t. Just don’t.