Professional Development
Employee Security and Awareness Training
When investing in new technology, internal processes and procedures for use of that technology must be set and communicated correctly. However, it is equally important to train your employees on security measures.
This type of professional development should be implemented regardless of whether your employees are using their own devices or company equipment.
1. AUTHENTICATION
Of course, your employees must use complex passwords, and must never tell these passwords to anyone. This is because if their computer, laptop, smartphone, or any other device gets stolen, not only will the thief control all the data on this device – he will also be able to penetrate your company network and create havoc with your company data.
2. NETWORK CONNECTION
The connection to the Internet through the mobile telecom provider (i.e., 3G or 4G) is considered the most secure wireless connection, but is often the most expensive. Of course, using a fixed line is more secure than any wireless connection.The company can also consider using a VPN service, causing all of the data that are transmitted to be encrypted before they leave the computer.
3. ACCESS TO THE DEVICE
Train employees to never provide access to their device to anyone. It can be a huge security risk, but also, someone borrowing a device doesn't have to perform any malicious activity. In this instance, files can be accidentally deleted, which can ruin a project or program.
4. PHYSICAL SECURITY
Devices should be kept with users or stored and locked in a facility with no public access.
5. DATA ENCRYPTION
Even with security measures in place, equipment can still be stolen, which is why all data should be protected with encryption. Since many data are now transferred or archived through the cloud, encrypting also makes sense. Most cloud providers claim they encrypt the data in their systems; but consider encrypting the data before they reach the cloud.
6. BACKUP
Make sure employees have the right backup system in place and that backup is updated regularly. Often, a simple cloud service will do, meaning that data are stored in at least two places.
7. SOFTWARE INSTALLATION AND PATCHING
Provide a list of allowed software to your employees, and allow the installation of only that software onto the devices that are used for business purposes.
8. BASIC SECURITY “HYGIENE”
There are some security practices that should be considered as "business as usual," including:
Anti-virus software
The firewall on the computer should be turned on
Links in emails should be clicked very carefully
Surfing the Internet on suspicious websites should be avoided.
Transferring data with USB flash drives, as they can infect computer with viruses
Remember that simply purchasing new technology won’t increase your level of security. Teach people how to use technology properly and explain why security measures and training is needed in the first place.
For more information about this website, click the contact button below.
Source:
https://www.tripwire.com/state-of-security/security-awareness/8-security-practices-to-use-in-your-employee-training-and-awareness-program/