Employee Security – 7 Best Practices to Consider


In the first installment of our cybersecurity best practices, we explored how individuals can safeguard their personal data. Just as vital are employee security awareness and the protection of important information within an organization. One wrong move by an employee could have major repercussions not only for that employee but also for the company’s reputation and clientele.

Part two covers the steps employees should take to stay protected, from password to email to mobile device precautions, all of which are necessary to prevent exposure in the workplace.

1. Passwords

Good for everyday security users

The same set of rules from the first part of the series applies to employee security as well.

Recommendations

Don’t set the passwords for your work accounts to things like “lovemyjob123” or “techguy83”. This will only lead to poor security and a larger attack surface for your work account. Furthermore, don’t share passwords across accounts, especially between personal and work.

Like in part one, you should use a solid password manager like Bitwarden. Password managers can handle all of your work accounts as well as generate secure passwords for you.

2. Email Use

Good for everyday security users

Using personal email for business activities, and vice versa, is the wrong thing to do.

As an employee, you are more likely to be the target of phishing scams and malicious emails at your company email address. At your personal email address, you are more likely to receive the “Hot Girls in your area” or “Low-cost Viagra” spam email.

Both of these kinds of emails are malicious and obviously not desirable–and can cause serious damage in both environments.

3. Mobile Devices

Good for everyday security users

Many organizations have a “Bring Your Own Device”–or BYOD–employee security policy in place for employees to use their personal cell phones for work. If this is the case, there are likely many policies in the company’s handbook for acceptable use on these devices.

It should go without saying, but it is going to be said: “Regardless of company policy, DO NOT put company information on your personal device.”