The Five Most Common Security Mistakes At Work

Remote working is becoming more and more common, not just due to the COVID-19 pandemic but also more flexible schedules and working conditions that better adapt to people’s lives outside of their job.
 
Although remote working comes with a lot of benefits, the cyber security risks also increase greatly, due to the employees being away from the normally very safe online spaces within offices. Working from home means people’s devices and WiFi networks can be easily accessed, and sensitive information can be pirated.
 
These are the five of the most common work security mistakes so you can spot them before they happen.
 
1. Weak Passwords
Passwords are the most common and most effective way to secure your devices but it’s easy to get complacent about them. A strong password will require upper and lower case characters, numbers and special characters. They should also not be specifically related to anything in a person’s life that can be easily deciphered, for example their birthday or their pets name.
 
With many different accounts employees must use sometimes, it’s not uncommon for them to use the same password every time or choose to use a weak password, which can greatly compromise the sensitive information for your business. If your employees struggle to remember passwords, have them use a password manager. It’s also very important passwords aren’t saved onto a personal browser’s history, we’ll explore this problem further along the article.
 
2. Taking Security Workarounds
Company security policies can prove to be burdensome at times, they can be complex and sometimes downright annoying. It’s not uncommon for employees to use workarounds to bypass security protocols and therefore save time and be more effective. Whilst this is a well intentioned trick, it can lead to a huge amount of security risks. Hackers will normally look at saved passwords in a person’s browser, as well as their autofill option, It’s the easiest way for them to find out the information they need without much effort so it’s crucial that employees follow safety protocols such as these and make sure they’re staying safe!
 
3. Sharing Devices With Friends & Family
In a work from home setting it’s normal to see employees using the same devices their family members or friends use. Whilst sometimes this is simply inevitable, it can be problematic. People may be unaware of certain security risks and may click on suspicious links or download files received from unknown email accounts. This is the main way hackers access devices and it can be an honest mistake that can cost a lot. If your employees are able to, they should not be sharing devices with anybody else. If this is a major concern for you and your enterprise, consider providing work laptops for your employees so they can continue sharing their personal ones.
 
4. Hitting 'Remind Me Tomorrow' On Software Updates
Yes, that pesky button that keeps appearing every once in a while on your top right corner on your screen. Most people find these updates to be annoying and sometimes plainly unnecessary, but software updates do serve their purpose. The most updated machines are often the safest ones as they’ve updated all the services you use, including web browsing and firewalls as well as other anti-virus equipment. Encourage your employees to keep their machines updated as it’s a very simple step that can be incredibly helpful when fighting off cyber-attacks.
 
5. Be Mindful Of How much Access You Give Contractors
If you work with external vendors and contractors, be mindful of how much access you give them into your IT systems. It’s important to follow the principles of limited access, meaning giving them only the access to the part of the system they strictly need to fulfil their jobs. This is good practice and avoids ill-intentioned people from picking up information from you that you may not even realise has been stolen. 
 
Summary
Overall, cyber security is more important now than ever, so it’s essential to maintain good practices when you’re in and out of your office, keep your business and your employees safe from hackers.
 
Elizabeth Hines is a Technical writer who works at at Do My Assignment online service.       Image: Unsplash
 
You Might Also Read: 
 
Managing  A Remote Team To Protect Against Cyber Attacks:
 
 
« Biden Warns Putin The US Will React To Attacks
British Police Double Down On CyberAlarm »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO)

ISO is an independent, non-governmental international standards organization. The ISO/IEC 27001 is the standard for information security management systems.

Netskope

Netskope

Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data.

K&D Insurance Brokers

K&D Insurance Brokers

K&D provide insurance for all sectors of industry and commerce including cyber risk cover.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Norton

Norton

NortonLifeLock is dedicated to helping secure the devices, identities, online privacy, and home and family needs of approximately 50 million consumers.

United Nations Office on Drugs & Crime (UNODC)

United Nations Office on Drugs & Crime (UNODC)

UNODC promotes long-term and sustainable capacity building in the fight against cybercrime through supporting national structures and action.

IberLayer

IberLayer

IberLayer is the company behind the Email Guardian service, a cloud based Email Total Protection system that filters and blocks email threats.

Polyrize

Polyrize

The Polyrize continuous authorization platform for SaaS and IaaS stops tomorrow's public cloud cyber threats, today.

NDK InfoSec

NDK InfoSec

NDK InfoSec is a specialist Information Security and Cyber Security search firm. We're not just a security function in a larger generalist recruitment company.

Tehtris

Tehtris

TEHTRIS XDR Platform was developed to control and improve the IT security of private and public companies against advanced cyber threats such as cyber espionage or cyber sabotage activities.

Cypress Data Defense

Cypress Data Defense

Cypress Data Defense helps clients build secure applications by providing training, best practices, and evaluating security during every stage of the Secure Application Development Lifecycle.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

Ministry of Electronics & Information Technology (MeitY) - India

Ministry of Electronics & Information Technology (MeitY) - India

The Ministry of Electronics & Information Technology is an executive agency responsible for IT policy, strategy and development of the electronics industry.

Beyon Cyber

Beyon Cyber

Beyon Cyber offer a complete portfolio of advanced solutions & services for cyber security in Bahrain.

Rebellion Defense

Rebellion Defense

Rebellion Defense is a technology company developing advanced software to ensure mission-critical organizations stay ahead of emerging threats.

DRT Cyber

DRT Cyber

DRT Cyber deploys technology solutions to support the functions of cybersecurity, privacy, and risk management.