All the IT safeguards in the world won’t protect the confidential and personal information on your device if online behavior isn’t safe and secure too.
In the workplace, almost all 99% of professionals surveyed in the 2017 Data Vulnerability Report admitted to at least one potentially dangerous action online. Careless online behavior is likely to continue outside of the workplace too.
Here are 5 online behaviors to watch for and change:
- Downloading pirated software. While pirated software is illegal, it is often packaged with malware or it is malware in disguise. There’s also an association between cyber attacks and the use of unlicensed software. The 2017 Insider Threat Intelligence Report from Dtex showed that 76% of assessments found staff using pirated software and media. What to do: Ensure that all software is genuine and fully licensed.
- Connecting with online strangers through LinkedIn, Twitter, Facebook and other social media. Cyber criminals are tricky and are creating online personas. If you ‘friend’ one of these personas, there is an increased risk that your confidential information will be stolen and used in phishing scams. In an Intel Security survey of 2,000 U.K. based LinkedIn users, two-thirds had never wondered about whether a LinkedIn contact was authentic and 24% had connected with someone they did not know. What to do: Check the credentials of people before connecting on any social media website.
- Using the same password for multiple websites. Research has shown that people often use the same password and share their passwords from online accounts with friends or family. But if a cyber criminal gets the one password, the risk of theft of confidential information stored at all online accounts increases. In the 2017 Data Vulnerability Report by Intermedia, 1 in 4 office workers (24%) reused the same login credentials for their work and personal accounts. What to do: Never reuse or share passwords with anyone.Use 2-step authentication and hard-to-guess passwords.
- Opening an attachment or clicking on a link in an email without thinking. Well-crafted phishing scams have become an effective way for cyber criminals to gain access to networks. It happens when a legitimate-looking email from someone and/or an organisation that you know appears in your in-box. But when you open an attachment or click on an embedded link to visit a website, your device is infected with malware. What to do: Always confirm that emails are legitimate. If in doubt (there are spelling mistakes, or there’s an urgency to what the sender wants you to do), delete.
- Leaving confidential information exposed and unattended. Have you ever wandered away from your computer only to return and realize you hadn’t signed out from an account you should protect? Fraudsters are everywhere these days (in the workplace and in public) and they steal confidential information by taking screen shots with their phone or stealing mobile devices. Any confidential data that has been saved onto your hard drive can be stolen. What to do: Never leave your device unattended. In the workplace, implement a Clean Desk Policy as well as strict information destruction policies.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.