IT
It might be hard to believe but the biggest security risk posed to your organisation is actually posed by your employees.
A recent UK study (2015) revealed that 75 percent of large businesses suffered security-related breaches caused by their employees, with 50 percent of the most serious of these breaches caused by human error. Put simply, it's an issue your company can't afford to ignore.
There are many ways employees can endanger enterprise security whether they intend to do it maliciously or not.
1. Using work devices for personal reasons
Many employees put company IT systems at risk by downloading online games and apps, clicking on 'phishing' links and sharing unprotected files over the cloud. Many websites, particularly those with free games, contain malware. Even an innocent activity such as listening to online music during a lunch break can provide a gateway for a determined cybercriminal to access highly sensitive corporate data.
2. Employees logging in to public Wi-Fi networks or connective personal devices to your enterprises' Wi-Fi.
This is risky because it leaves your IT system vulnerable - it's best to assume that all hotspots are dangerous. One recent survey revealed that a massive 94 percent of employees regularly connect their personal laptops or mobile devices to the company's Wi-Fi network. It is estimated that 3 percent of Global 2000 employees smartphones are infected with malware. It doesn't take an expert to realise that this could seriously compromise your IT security.
3. Employees not using unique logins
Passwords are a reality of any modern workplace. Yet many employees see no issue with sharing passwords and login IDs. However, it is a big deal. Apart from password sharing making it almost impossible to determine the source of any security breach, sharing passwords leaves an organisation open to serious security infringements, rendering it vulnerable to internal and external data breaches and malicious system attacks.
However, remembering passwords can be time-consuming, particularly in a fast-paced service environment. There are alternatives to passwords that are becoming increasingly popular, such as fingerprint scans and other biometric methods.
What should you do?
-
Raise employee awareness: Knowledge is power - ensure all your employees from the top to the bottom of your organisation are fully aware of the risks surrounding shared logins and logging into public Wi-Fi networks.
-
Back up data: The best-protected systems may still fall victim to ransomware viruses. Regular backups are essential, ideally stored on an external hard drive.
-
Have a clear and coherent security policy. It's the best way of establishing best practice in the workplace.
It has never been more crucial for Irish companies to have a handle on their IT, especially with the forthcoming GDPR legislation. There are many benefits to having an outside company look after your IT infrastructure. Outsourcing to an outside company, such as IT Force, based in Dublin, which offers a wide range of IT solutions means that you don't have to invest in infrastructure or training. Taking advantage of a specialist company's expertise in a fast-moving field is often the easiest, fastest and most economically sound solution.
By Kieran Fallon of IT Force.