Employees, love them, or hate them; we need them to help us run our businesses. A great employee is a real asset. A bad employee, well let’s leave it at that. Each employee has little quirks of their own. They do things their own way. You don’t mind – it helps improve productivity, and it certainly makes the workplace more interesting.
That said, there are some areas where you can’t afford to have your employees do things their own way. Cybersecurity is one of those areas. Think of it this way – 94% of ransomware attacks are precipitated by a phishing email. That means that in 94% of cases, someone failed to recognize a dodgy email and did exactly what the phisher hoped they would.
And who was at fault here? You guessed it, employees of the company. But don’t be too hard on them. Phishers know their stuff. Very few people, yourself included, would be able to recognize a phishing email. Others are blissfully unaware of the risks, or simply don’t care.
Take your mail clerk, Dave. All Dave really has to do is to visit the post office, and sort and deliver the office mail. It’s not the most interesting job in the world, and Dave likes to take a break to surf online every now and again.
This would be harmless, except that Dave is using your network to do so. His little mailroom computer is supposed to be used to track mail that’s been sent out. Dave likes to use it to find the best new games to download.
Do you see where I’m going with this – your employees, wittingly or unwittingly, are your weakest link in the cybersecurity game.
What Can You Do About It?
At this point, education is your best option. You can start by checking over the infographic below. If the mind-boggling statistics regarding hacks aren’t enough to impress you, the dire consequences for small businesses when breached might.
Read through the IG to get tips on how better to manage your personal and business security. Then share the information with your staff. Forward them the link to this article and make sure that they read it as well.
From there, it’s a good idea to implement a formal security awareness training policy. This gives your employees all the tools that they need to make more considered decisions about protecting your data. In time, they’ll come to understand just how important we all are when it comes to combatting cybercrime.