Internet security and privacy is a big topic at every company in the world right now. The Sony hack is showing everyone just how deeply vulnerable company’s are. Better Internet security and privacy ideas are being discussed, but how do you make it part of your company culture? I’m going to look at some of the bad habits that companies get in, and offer up solutions to this.
Bad Internet security and privacy habits
Poor password choices
Not taking passwords seriously is a day one problem. All too often, new employees are given passwords to company accounts that are simple as ‘123456,’ or the company’s name. Hackers have no problem using a password recovery tool to hack these easy passwords and gain access.
Improper password sharing
Say you have a shared account that everyone logs into to work on projects together. Users who email the password to the new guy, or the guy who forgot, are exposing the password in a harmful way. Email is not secure, as is made clear by how many emails we’ve read lately about what a pain in the @$$ Angelina Jolie is to deal with.
Believing that online tools are secure the way they are
You log into your company email account using a secure password. It should just be secure on its own, right? There are so many risks out there which can occur just when you log on to any service that you should always be looking for ways to increase your Internet security and privacy.
Not clearly establishing who has access to what
If you leave it to your employees to determine who can go where, you will find that the lowest common denominator will win. Internet security and privacy for your company falls apart as people share access to systems, passwords, and sensitive information with anyone who asks for it as they haven’t been told who is actually allowed to see or use it.
Making Internet security and privacy a part of company culture
Let’s address each concern above in turn.
Correcting password problems
Each new employee needs to be given a password that looks unique. Maybe it’s their name and random numbers, maybe it’s all scrambled letters, numbers and symbols. Above all, it can not be any easy to guess password. This is a major company culture issue as if they see that you don’t take it seriously from day one, neither will they.
Better password sharing
First, passwords are best given to employees on a one to one basis. Emailing them out all at once to a bunch of new hires is a terrible idea. Your best bet is to sit down with the new hire and have them create the password as you build their work profile. This makes it so no sharing occurs at all.
Making sure your employees know not to email passwords back and forth is another important step to take. Email feels secure, but it isn’t when a determined hacker focuses on it.
Better Internet security and privacy for your online tools
The online world is full of problems. There are brute force hacks, Fake WAPs, and phishing scams galore. One of the easiest ways that you can help increase your Internet security and privacy is by using a
Businesses have been using VPNs for years to do exactly this. With all of the commercially available VPN providers out there, you have no excuse to not take this step in your company’s Internet security and privacy needs.
Clearly establish access levels
This can be done the obvious way by giving clear directions as to who has access to what systems. This can apply to both people inside and outside of the company.
Beyond this, you can create physical barriers by giving people in certain office spaces access to computers on one network that don’t connect up to other networks. These physical barriers can help build better Internet security and privacy the old fashioned way – with walls.
Business Internet security and privacy culture must change
Leaks, hacks, and online threats are real. The biggest targets are companies and corporations. You can increase your company’s Internet security and privacy by changing your company culture. It’s a day one on the job goal, be sure to instill this in your employees right from the first moment they sit down at their desk.
How does the @FBI spot insider #security threats? Derek Brink shares a list of #enduser red-flags [BLOG] http://t.co/P9WJszUwmS
— RSA (@RSAsecurity) December 15, 2014
Feature image via Rawpixel / Shutterstock