These days, companies spend significant sums of money protecting themselves from cybercriminals. The threat matrix is vast, and attacks can come from almost any quarter. That is why many companies spend heavily on antivirus software and a wide range of tools that IT security professionals can leverage to intercept attacks "at the gates" and prevent attackers from ever breaching their defenses.

Further, many companies will engage with third-party specialists to provide round-the-clock monitoring. Managers invest even more money to ensure that regular backups are taken. If the worst happens, the recovery process will be relatively quick, and the company can get back to its business with as little downtime as possible.

All of that is commendable, but the unfortunate reality is that even the most elaborate and expensive systems designed to defend your corporate network can be reduced to nothing by one moment of carelessness by one of your firm's employees.

If you want to increase the return on your IT Security investment, the best thing you can do is educate your workforce about the dangers lurking on the net. Teach them security best practices so that they become part of your network security solution rather than being yet another risk factor you have to guard against.

A few examples of the way your employees may be unwittingly putting your firm at risk include the following:

  • They use simple, easy-to-guess passwords that any hacker could guess with minimal effort
  • They seldom change their passwords unless forced to
  • When traveling, many will connect to your company's network using free, unsecured WiFi hotspots
  • A disturbing percentage of people use the same easily guessed passwords across multiple web properties
  • They fail to use multi-factor authentication paradigms, even when and where you make them available
  • Far too many people will automatically assume that any attachment in their work email inbox is safe and will open it without thinking twice.
  • And there is very little cross-checking done when someone reaches out to them via corporate channels to ensure that the person contacting them is who they claim to be

All of these pose a genuine risk to your company's security. Ensure your employees get the training they need to keep themselves and your corporate network safe.

Used with permission from Article Aggregator