Did you know that 95% of security breaches are caused by internal human errors?
The poor security habits followed by your employees can act as a catalyst for various cyber threats and put the organization’s data at risk. Although this sounds distressing, there are always ways to replace bad habits with good ones.
Here are 5 common employee habits that can adversely impact a business’s security:
1 – Poor Documentation Practices
- Employees who rely on manual documentation tend to miss key information, which creates room for errors and puts data at risk.
- Employees who do not create or document a disaster plan for themselves or are not aware/trained on what to do post a cyberattack, tend to lose vital company data that can never be retrieved.
Multiple employees view, edit and share your critical document throughout the day. Without tracking who is accessing the documents, your data is more likely to get misplaced. You also need to incorporate access permissions, version controls (etc) to limit access to critical data.
A lack of rules for accessing data from external networks can easily put your data at risk. You need to encrypt both your data transfer and storage.
2 – Poor Password Practices
- According to Cisco, 18% of employees share passwords with their coworkers.
- Softchoiceestimates that 20% of employees keep their passwords in plain sight.
Weak passwords may not seem like much for an individual employee. However, when dozens of employees practice poor password hygiene, it provides hundreds of entry points to hackers.
Using the same password for every software/app or setting an easily guessable password is one of the most common reasons why companies get hacked.
Many employees also make the mistake of storing passwords in unsecured, easily accessible documentation storage platforms.
3 -Shared Access to Important Files
When multiple employees share access to critical documents, it becomes hard to keep track of who can access them. You need strict policies to monitor who has access to what. Also, set up a mechanism for authenticating each individual user when accessing critical documents.
When a document is circulated among several users, it becomes difficult to identify who made the edits. This increases the risk of documents being tampered with or outdated information being used. Rather than circulating it through emails or private messages, use a document management system that allows proper versioning with logs and edit info.
4 – Disregard for Security Training & Measures
- About 48% of employees didn’t believe that the security policies applied to their role.
Many employees turn their backs on regular/annual security training since they feel it doesn’t apply to them.
Some employees even ignore company-offered security solutions like VPNs, auto data backup, and recovery apps out of sheer incomprehension or laziness.
5 – Creating Personal Accounts with Corporate Logins
- About 20% of employees reuse their passwords for corporate (work) and personal applications.
- It is estimated that 41% of employees use personal apps to access sensitive data while working from home.
By doing this, employees are basically putting their passwords and credentials out in the open, making themselves and the data they hold easy targets.
Doing the same with unauthorized or unsafe websites can result in huge damage and loss, sometimes pushing an organization to the point of no return.
How CommWest Will Help
We are a comprehensive resource for our client partners. This means we advise on all levels of your technology, including cybersecurity.
- Guidance on how to utilize your NAS or server for file storage, establishing permissions, and backup
- Utilizing 2-Factor Authentication and recommended password policies
- Ability to track login(s) and identify common internal threats
- Educational materials and resources
ADDITIONAL READING: