Just like you can form habits to be more productive, you can also form habits that expose your organization to risky situations, namely security problems. Your employees in particular are likely to have picked up a couple of nasty habits over time, so it’s up to you to address them and keep them from becoming an issue in the long term.
Habit 1: Password Security
This habit means that your employees create weak passwords, then continually reuse them for multiple accounts. We get it; nobody likes to remember multiple passwords–especially complex passwords–but they are way better for network security than your standard fare. You should by all means avoid using words like “password” or strings like “123456.”
It’s critical that you hold your staff to this higher standard, as failing to adhere to the bare minimum could expose sensitive information in the event of a data breach. Furthermore, you should update passwords regularly, as well as use a password manager to help your employees keep track of everything.
Habit 2: Sharing Passwords
It might seem like employees are being efficient by sharing passwords, but it’s more like cutting corners. Sure, it might save a second or two, but it will really stink when you whack your elbow on the wall. If they are company-owned accounts that are set up, like company social media accounts or shared resources, that’s another thing entirely, but these are generally managed by the company, not the individual.
Basically, you need to be cognizant of the dangers displayed by sharing passwords, as well as have the ability to react to these issues in a timely manner.
Habit 3: Using Personal Storage for Company Files
Cloud computing is a great way to increase the value and utility of technology services, but only when it’s used properly. Employees might use their own personal cloud storage solutions to store company files, which is a major red flag. While they might be doing it for convenience, you still need to address it. These files will be stored in a location that isn’t as secure as your company’s network, and while the employee might have good intentions, the repercussions could potentially be catastrophic.
Habit 4: Shadow IT
Any software or hardware that is installed or implemented on your business’ solutions without approval from IT is considered “shadow IT,” or IT that can’t really be controlled or regulated by your IT department. Often times employees will look for ways to get around the challenges that face their particular work role, and while they are doing it to make themselves more productive, the end result is a less secure overall network and less solid policies regarding the governance of these solutions.
Habit 5: Careless Use of Email
Email is frequently used for both correspondence and file sharing, but without proper discretion, this comes at the detriment of your organization. Consider how bad it could be for your business if you send the wrong attachment or the wrong information to someone who isn’t supposed to see it. With such a great solution available, you need to take proper precautions to make sure that data doesn’t leak to the wrong recipient.
Habit 6: Insufficient Training
This isn’t so much a habit of your employees; rather, it’s one for employers in general. Employees need to understand the security threats that they face on a day-to-day basis, and without you there to guide them, they likely won’t take action to keep your business safe. Security training is integral to the success of any business model, and it should play a significant role in the onboarding process. You should then supplement this training with frequent phishing tests, team discussions, and further training as needed.