Your coworkers on the IT team are not the only ones who should feel responsible for cybersecurity in the workplace. Every employee, either on campus or at home, should feel accountable for the security of their networks and devices.
With the increasingly interconnected world we live in today, there are unfortunately constant and countless opportunities for cyberattacks. It is important to understand how to take proactive steps towards your cybersecurity, so you don’t find yourself in a position where your own information is at stake, or the personal information of your fellow employees.
Hackers, or “the bad guys”, are getting much smarter and more creative. But unfortunately, in cyber crime they don’t even necessarily have to. We still haven’t seen the biggest threats from a couple of years ago go away, while new ones appear every day. Strengthen your awareness of the most common cybersecurity threats in the workplace, and you will actively be putting an end to the basic tricks hackers have been successfully using for years.
Investigate to Ensure Legitimacy
Phishing attacks are the most common cause of cybersecurity breaches. It’s crucial to always critically evaluate emails and links before opening them. Realize that even though an email could appear as though it’s being sent within the confines of your office, that’s not always the case. Today’s hackers have the technology to generate phishing emails from what appear to be familiar email addresses.
If something seems too good to be true, or if you have a gut feeling that something is off, trust that gut feeling! For example, let’s say you receive an email from the HR department asking you to reply online and disclose salary information. Do you think that the HR department would actually ask for personal information like that over an email? If it were that important, wouldn’t they mail the information or set up a meeting in person to discuss? If any other questions run through your mind – investigate! If it doesn’t feel right, there’s no harm in seeking further explanation or confirming legitimacy before disclosing your personal information online.
Would You Want Your Boss to See That?
Remember that anything you do on your work-provided technology – including personal devices being used over the corporate network – can be seen by your company. Avoid downloading unnecessary files, illegally obtaining music or films, or accessing inappropriate websites, even after office hours or off-site. Don’t make the false assumption of thinking that the work provided technology is yours when you’re connected at home or off the clock. Your company has the right to look at all of your communications and everything you’re doing because they are paying for your connection.
You wouldn’t let your toddler use your work calendar as a coloring book, would you? Use the same guidelines with your work technology. Refrain from letting your children play games or download apps on your work computer or phone. Try to get in the habit of keeping your home technology and work technology completely separate. That way, you can rest assure that whatever you or your family is doing on personal equipment will not impact the security of others at work.
Do Not DIY
Work with your IT department instead of against them. If you’re having a hard time doing something online at work, ask the IT team to help you before you go searching for other ways to manage. They can help you get what you need while still being secure. They’ll be happy you asked instead of opening up the entire company to risks by trying to find your own solution.
This is one of the more creative attacks hackers have come up with, often used to intrude in the government sector. Hackers will put a USB drive with malware in the parking lot of a company, in hopes that an employee will find it and want to investigate. Unfortunately, employees sometimes will pick it up, wonder whose it is, and plug it in their computer to find out. Once it’s plugged in, a virus can be activated, and hackers could then have access to their computer and network.
Again, the IT department at your workplace is there for a reason! Let the IT team do the detective work and don’t plug anything into your work computer without knowing the origin. The IT team has specific tools they can use to find out what the hardware is, where it came from and whether it is safe of not – all without introducing vulnerabilities.
Every Employee Plays a Role
No matter who you are, it’s important to make cybersecurity a top priority – especially in the workplace. All end users within a network have the important duty of being on the lookout for attacks on their devices, as well as reporting any unusual behavior. When every employee is active in securing their individual channels, the entire company network is attaining a stronger and more holistic security posture.