(403) 210-2927    Get SUPPORT

OnSite I.T. Blog

IT Security Starts and Ends With Your Staff

IT Security Starts and Ends With Your Staff

We wish IT security was as simple as setting up a good firewall and installing an antivirus. We talk a lot about security solutions that cover a lot of your bases, such as our Unified Threat Management (UTM) system. While these enterprise-level solutions are important, any investment in protecting your network can be upended by a single act of user error.

You see, the bad guys are clever, and they wouldn’t be building malware and stealing data if it wasn’t lucrative, and the successful hackers are very good at beating the system. A huge trend that has been growing for years involve hackers doing more than just infecting computers the old-fashioned way; today they are targeting people using tactics like social engineering and offline infiltration. They know that they can get access to your network by asking the right user the right questions over the phone or via email. They know how to get just enough information to sound somewhat legitimate, too.

Get Everyone on Board
It’s up to you to establish a IT security mindset with your employees. It starts with management and needs to trickle down across the entire organization. Getting other C-levels closely looped in, and then office managers and even HR is a good way to make sure everything is being taken seriously.

Show That Security Isn’t Meant to Be a Burden
If you fire off new processes like two-factor authentication or push policies to employees phones without rallying them first, you’ll likely get moans, groans, and pushback. It will feel like you are making their jobs harder, when in reality you are actually protecting them and the organization. Instead, it’s a good idea to teach your people WHY security matters to them. Good employees want what’s best for the company and will see value in protecting the company if they understand that these new security processes aren’t designed to be roadblocks.

Have Regular IT Security Check-Ins
Whether you put together a weekly email or hold a monthly meeting, stick to it. If you make security enough of a priority that you don’t postpone a piece of your plan, your staff will feel the importance of it. Plus, this allows you to take smaller steps that ensure good habits are being put in place.

Reinforce Diplomatically
Until IT security mindfulness is achieved, the responsibility is on you to make sure your staff understands the new processes and procedures. This may include thoroughly documenting your security best practices, including it in the employee handbook, creating training videos, and hanging posters. Plus, as security threats and compliances evolve over time, so won’t some of your processes. As things change, you’ll need to update your materials.

After most of your staff seems to “get it,” you can establish the repercussions for failing to comply with company rules. Remember that most practices can be easily remediated - depending on the severity of the issue, a first-time offender probably doesn’t need to lose their job. That said, treating repeat offenses and blatant disregard for IT security should be dealt with swiftly and corrected. One weak link can do harm to the entire chain.

Encourage Issue Reporting and Support Requests
One of the biggest tools you can equip your people with is the ability to put in support requests and report on anything suspicious. If they don’t feel comfortable and encouraged to put in support requests, they might not raise their hand when something really serious is happening. This can be caused from either not wanting to bother management with something that seems unimportant, or from having a fear that they will get in trouble for potentially causing an issue. It’s critical that you establish a clear value to reporting issues and mistakes that happen.

That’s where OnSite I.T. comes in. We can not only help you establish the infrastructure to protect your business, but we can help enforce, audit, and support your organization. We can act as your in-house IT department and field employee support questions. Let us help you protect your business from the ever-increasing number of online and offline threats. Give us a call at (403) 210-2927 today and have a chat with one of our IT security experts.

Tip of the Week: Managing your Cloud Data
Antivirus Fights More than Just Viruses
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, January 21 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Network Security User Tips Tech Term Productivity Privacy Smartphones Internet Cybersecurity Malware Efficiency Cloud Hardware Microsoft Communication Mobile Device Android Browser Network Wi-Fi Email Data Passwords Small Business Ransomware Google IT Support Backup Hosted Solutions Saving Money Collaboration Communications Wireless Mobile Devices Data Backup Business Management IT Services Applications Windows 10 Holiday Software Managed IT services Internet of Things Data recovery Users Innovation Outsourced IT Social Media Business Networking Managed IT Services Business Intelligence VoIP Information Smartphone Employer-Employee Relationship Marketing Workplace Tips Hackers Cloud Computing Blockchain Connectivity Data Management Miscellaneous Government Managed IT Service Computers Analytics Access Control Wireless Charging Automation Tech Terms Cortana Remote Monitoring and Management Artificial Intelligence Data Protection Computer Medical IT Cost Management Virtual Assistant Mobility Bandwidth Password Phishing Apps VPN Data Breach Managed Service Patch Management Microsoft Office BDR Excel Router Virtualization Gmail Compliance Save Money Remote Computing Voice over Internet Protocol Help Desk HP Websites User Security Storage Server disposal HIPAA Data loss Upgrade Paper Twitter Specifications Managing Stress Outlook Apple Telecommuting Proactive IT Word Technology Tips Knowledge Value Business Continuity Document Management Spam Streaming Media Dark Web Hard Drive Virus Law Enforcement Telephony Ink Reporting IT budget Inventory Conferencing G Suite Profitability iPhone Workers Maintenance Wearables Unified Communications Authentication Lead Generation Certification Paperless Office Dongle Business Technology Downloads Error Online Shopping Network Attached Storage Tip of the week Eliminating Downtime Processors Antivirus Voice over IP PowerPoint Mobile Security Office Bring Your Own Device Machine Learning Millennials Internet Explorer Analysis Healthcare Physical Security Backup and Disaster Recovery RAM Authorization Database Amazon Digital Trends User Tip BYOD Vulnerability Staff File Sharing Sports SaaS Operating System Content Filtering Safety Environment Hybrid Cloud Threat Laptop SSD Microsoft Teams Troubleshooting Cybercrime Training Edge Sales Gadgets A.I. Touchscreen Settings Wireless Internet Spyware eCommerce GDPR IT Management e-waste Cables WannaCry Telecommute Chrome Big Data Printing Facebook Hard Drives Comparison Company Culture Update Office 365 Tactics Plug-In Security Cameras Tablet Movies Microsoft Office 365 Battery Server Management How To Customer Service Regulation Mobile Office Domains Alert Windows 10 Mobile Device Management Public Speaking Managed Service Provider Disaster Recovery Two-factor Authentication Presentation Hiring/Firing Lithium-ion battery Augmented Reality Printers Fun Tech Support Wireless Technology 5G IBM The Internet of Things Productivity Data Security Remote Monitoring Hacker Quick Tips Budget Customer Relationship Management Competition Personal Information IP Address Website Search