From an IT standpoint, leaders have many threats to contend with, such as viruses, worms, phishing and ransomware.  But there is a much bigger threat that can be more difficult to manage: employees.

Mark Burnette, partner at LBMC Information Security has been quoted saying, “If employees don’t understand what their responsibilities are when interacting with a company computer system, it’s going to be difficult for them to truly protect it. They might unknowingly do something that would put the company’s data at risk.”

Robert Powell, VP of Network Engineering at LBMC Technology Solutions said, “Threats can come through many avenues, such as web browsing, email, a “technician” asking for your password or a thumb drive you find on the ground.  They often seem innocent, potentially helpful and may even be directly targeted to your company or even you personally. A savvy user will always be on the lookout for something suspicious or unexpected.  If it seems questionable, check with your IT team before you open it, provide your password or plug it in to your computer.”

What can be done to prevent data breaches from your own team? In this article, we will talk about how you can prevent unintentional data breaches.

Podcast

Why Employees Are Your Number One Risk?

Listen Now

Multifactor Authentication

According to Burnette, the single biggest step employers can take is to routinely provide multifactor authentication. Multi-factor authentication is a method of computer access control in which the user is granted access only after successfully presenting at least two separate pieces of information into the authentication device. This device is generally a cell phone, or a key fob with randomized codes.

Employee Training & Accountability

Strengthen cybersecurity with employee training and accountability. It is your organizations job to provide training to your team, properly setting the expectation levels in employee conduct. This training needs to be clear, such as setting an Acceptable Use Policy, spell out the employee’s responsibility, and define what your organization defines as misuse. It is recommended that this training occurs at least once per year.

Protecting Removable Media

Removable media is any kind of storage device that can be removed from a computer while the system is still running.  This can include USB drives, flash drives, external hard drives, CD’s, DVD’s and Blu-Ray disks. While seemingly harmless, if employees use unauthorized removable media, such as an external hard drive, information can be easily compromised.  Not only can removable media be easily lost, but if a user doesn’t check configuration settings, items such as external hard drives may be cloud enabled. This can easily result in having contents made available to anyone who wants to access it.

Every day IT security threats increase and companies struggle to keep up. LBMC can scale up your security resources without adding staff – saving you time and money, while increasing the security of your data. Contact us for more information.