The Five Most Common Security Mistakes At Work

Remote working is becoming more and more common, not just due to the COVID-19 pandemic but also more flexible schedules and working conditions that better adapt to people’s lives outside of their job.
 
Although remote working comes with a lot of benefits, the cyber security risks also increase greatly, due to the employees being away from the normally very safe online spaces within offices. Working from home means people’s devices and WiFi networks can be easily accessed, and sensitive information can be pirated.
 
These are the five of the most common work security mistakes so you can spot them before they happen.
 
1. Weak Passwords
Passwords are the most common and most effective way to secure your devices but it’s easy to get complacent about them. A strong password will require upper and lower case characters, numbers and special characters. They should also not be specifically related to anything in a person’s life that can be easily deciphered, for example their birthday or their pets name.
 
With many different accounts employees must use sometimes, it’s not uncommon for them to use the same password every time or choose to use a weak password, which can greatly compromise the sensitive information for your business. If your employees struggle to remember passwords, have them use a password manager. It’s also very important passwords aren’t saved onto a personal browser’s history, we’ll explore this problem further along the article.
 
2. Taking Security Workarounds
Company security policies can prove to be burdensome at times, they can be complex and sometimes downright annoying. It’s not uncommon for employees to use workarounds to bypass security protocols and therefore save time and be more effective. Whilst this is a well intentioned trick, it can lead to a huge amount of security risks. Hackers will normally look at saved passwords in a person’s browser, as well as their autofill option, It’s the easiest way for them to find out the information they need without much effort so it’s crucial that employees follow safety protocols such as these and make sure they’re staying safe!
 
3. Sharing Devices With Friends & Family
In a work from home setting it’s normal to see employees using the same devices their family members or friends use. Whilst sometimes this is simply inevitable, it can be problematic. People may be unaware of certain security risks and may click on suspicious links or download files received from unknown email accounts. This is the main way hackers access devices and it can be an honest mistake that can cost a lot. If your employees are able to, they should not be sharing devices with anybody else. If this is a major concern for you and your enterprise, consider providing work laptops for your employees so they can continue sharing their personal ones.
 
4. Hitting 'Remind Me Tomorrow' On Software Updates
Yes, that pesky button that keeps appearing every once in a while on your top right corner on your screen. Most people find these updates to be annoying and sometimes plainly unnecessary, but software updates do serve their purpose. The most updated machines are often the safest ones as they’ve updated all the services you use, including web browsing and firewalls as well as other anti-virus equipment. Encourage your employees to keep their machines updated as it’s a very simple step that can be incredibly helpful when fighting off cyber-attacks.
 
5. Be Mindful Of How much Access You Give Contractors
If you work with external vendors and contractors, be mindful of how much access you give them into your IT systems. It’s important to follow the principles of limited access, meaning giving them only the access to the part of the system they strictly need to fulfil their jobs. This is good practice and avoids ill-intentioned people from picking up information from you that you may not even realise has been stolen. 
 
Summary
Overall, cyber security is more important now than ever, so it’s essential to maintain good practices when you’re in and out of your office, keep your business and your employees safe from hackers.
 
Elizabeth Hines is a Technical writer who works at at Do My Assignment online service.       Image: Unsplash
 
You Might Also Read: 
 
Managing  A Remote Team To Protect Against Cyber Attacks:
 
 
« Biden Warns Putin The US Will React To Attacks
British Police Double Down On CyberAlarm »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Verimatrix

Verimatrix

Verimatrix is a global provider of innovative cybersecurity solutions that protect content, devices, software and applications.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

CUIng.org

CUIng.org

The CUIng initiative was launched to tackle the problem of criminal exploitation of information hiding techniques.

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub is a non-profit network organization focused on cooperation, information sharing, research and implementation of cutting-edge technologies in cybersecurity.

IntaPeople

IntaPeople

IntaPeople are IT and engineering recruitment specialists. We have specialist teams for job sectors including Cybersecurity, IT infrastructure and DevOps.

About Cyber Security.

About Cyber Security.

About Cybersecurity provides a galaxy-wide knowledge base of cybersecurity tactics and techniques derived from actual experience.

Centre for Cyber Security Belgium (CCB)

Centre for Cyber Security Belgium (CCB)

The Centre for Cyber Security Belgium is the central authority for cyber security in Belgium.

PSafe

PSafe

PSafe is a leading provider of mobile privacy, security, and performance apps. We deliver innovative products that protect your freedom to safely connect, share, play, express and explore online.

SpireTec Solutions

SpireTec Solutions

SpireTec Solutions is an IT management training company offering 1500+ courses with state of art training facilities backed by a team of industry experts in various domains including cybersecurity.

Protexxa

Protexxa

Protexxa is a B2B SaaS cybersecurity platform that leverages Artificial Intelligence to rapidly identify, evaluate, predict, and resolve cyber issues for employees.

Distology

Distology

Distology are an award-winning cloud security distributor bringing a wealth of experience and strong relationships with a huge breadth of partners covering the UK, Ireland and Benelux.

Incyber

Incyber

Incyber is a fully integrated network and cybersecurity solutions provider contracted to safeguard public and private enterprise, high value data and sensitive industries.

Board of Cyber

Board of Cyber

Board of Cyber offers Security Rating: a fast, non-intrusive, continuous, 100% automated solution to evaluate the cyber performance of an organization.

Prizsm Technologies

Prizsm Technologies

Prizsm is a computational storage capability that provides flexible, easy-to-use, resilient solutions for quantum-resistant, hyper-secure cloud storage and communications.

LMNTRIX

LMNTRIX

LMNTRIX eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent and respond to cyberattacks.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.