4 quick cyber security tips every employee should follow

/ Security
Last updated on April 15th, 2020

IT security - Four quick cyber-security tips every employee should know

Whilst most would assume the majority of cyber security breaches are the result of external weaknesses, your weakest security link is actually inside your business, sitting at your desk right now.

All too often cyber criminals are able to gain access to companies’ systems due to employee negligence, error or ignorance. According to a survey by Experian, more than half of organisations attribute a breach or security incident to a malicious of a negligent employee.

Protecting your company begins with employee education and training. If users are not aware of the risks out there and how their actions could potentially impact the business then the danger will continue to exist. Although businesses should already have security solutions in place, there are a few simple tips employees should follow which will help bolster that protection.

1. Always update apps and software

Although updates can be annoying they are necessary to maintain the maximum protection against potential threats. It is good practice to turn on automatic updates for all devices you work across (including any personal ones) if you haven’t done so already.

2. Avoid unsecured Wi-Fi networks

With office hours no longer strictly 9am-5pm, many employees now work remotely or on the go. Whether you’re working in a café, hotel or anywhere else outside the office you should always try to avoid connecting to unsecured public Wi-Fi hotspots, where it’s relatively easy for others to capture sensitive information such as emails, passwords and unencrypted instant messages. In the instance where there is no other option but to connect to a less secure network, it is recommended that you use a good quality virtual private network (VPN) when connecting to your business. Even if a hacker were to position themselves in between you and the Wi-Fi hotspot that data would be strongly encrypted.

3. Don’t reuse personal passwords for work

Thanks to the advice which stated that passwords should contain uppercase, lowercase, characters and numbers, many of us are suffering from password fatigue. It can be difficult enough to remember one complex password, let alone a whole string of them for the various applications we use inside and outside of work, so many people have resulted to using the same password across multiple accounts or just changing one minor detail, e.g. Password123! to Password234! Once one account is compromised, every account that uses the same password will be at risk.

This was demonstrated by the Dropbox breach back in 2012, which was the result of a stolen employee password. The employee used the same password for LinkedIn and to access Dropbox’s corporate network. After the LinkedIn data breach hackers were then able to use the password to access Dropbox’s corporate network and steal more than 60 million user credentials.

One stolen password has the potential to cause widespread damage, so it is really important to use a different one for each account. Luckily, the advice regarding passwords has now changed. Now it’s recommended to use a string of words to create a memorable passphrase, such as “footballapplegolf”. Not only is this more memorable but it is also much harder for a computer to crack.  If remembering multiple passphrases is an issue then it may be worth looking into a password manager.

4. Know how to spot a phishing scam

Emails are one of the most popular attack methods and it only takes one click for a virus to infect your systems. You should always be cautious when it comes to emails. Never reply to, follow links or open attachments from any unexpected or suspicious emails, even if the sender looks familiar.

When in doubt you should check the source first (one easy way is to check the full email address next to the sender’s name) and make sure the request is genuine. If you receive an urgent email,  supposedly from the Finance Manager, requesting a bank transfer verify the request in person or by phone. Hackers now take the time to craft a message which seems genuine, so it is always best to exercise caution.

Check out our full guide to identifying scam emails here.

/ Technical
Why you should switch to Office 365

Microsoft’s Office has been a staple for businesses for many years and that’s not about to change. Office 365 is the name for the package which includes the suite of Microsoft’s core programs as well as a cloud service, letting you stay connected wherever you are. But why should you switch to it? And what […]

/ IT Support
How to choose the right managed network provider

Managed networks have been around for many years, but this week was the first time I’ve heard someone refer to them as ‘network-as-a-service’. I’m not keen on this label it’s obviously just one of the plethora of IT terms that have had ‘as-a-service’ tagged onto the end of it. This is another clear example of […]

QuoStar gets gold partner green lights from Microsoft

For the third year running, Bournemouth and London based IT specialist QuoStar has achieved a full flush of Green Lights in a recent Microsoft Gold Partner Customer Satisfaction Index survey. Microsoft Gold Partners are judged on a number of criteria in five key performance areas that measure customer satisfaction in a survey independently administered for […]