These days, companies spend significant sums of money to protect themselves from cyber criminals. The threat matrix is vast, and attacks can come from almost any quarter. That is why many companies not only spend heavily on antivirus software, but also on a wide range of tools that IT security professionals can leverage to intercept attacks "at the gates" and prevent attackers from ever breaching their defenses.
Further, many companies will engage with third-party specialists to provide round the clock monitoring. Managers invest even more money to ensure that regular backups are taken. This is so that if the worst happens, the process of recovery will be relatively quick and the company can get back to the business of its business with as little downtime as possible.
All of that is commendable, but the unfortunate reality is that even the most elaborate and expensive systems designed to defend your corporate network can be reduced to nothing by one moment of carelessness by one of your firm's employees.
If you want to increase the return on your IT Security investment, the very best thing you can do is educate your workforce to the dangers that are lurking on the 'net. Teach them security best practices so that they become part of your network security solution rather than being yet another risk factor you have to guard against.
A few examples of the way your employees may be unwittingly putting your firm at risk include the following:
- They use simple, easy to guess passwords that any hacker could guess with minimal effort
- They seldom change their passwords unless forced to
- When traveling, many will connect to your company's network using free, unsecured WiFi hotspots
- A disturbing percentage of people use the same easily guessed passwords across multiple web properties
- They fail to use multi-factor authentication paradigms, even when and where you make them available
- Far too many people will automatically assume that any attachment that lands in their work email inbox is safe, and will open it without thinking twice
- And there is very little cross-checking done when someone reaches out to them via corporate channels to ensure that the person contacting them is who they claim to be
All of these pose a very real risk to the security of your company. Make sure your employees get the training they need to keep both themselves and your corporate network safe.