The Five Most Common Security Mistakes At Work

Remote working is becoming more and more common, not just due to the COVID-19 pandemic but also more flexible schedules and working conditions that better adapt to people’s lives outside of their job.
 
Although remote working comes with a lot of benefits, the cyber security risks also increase greatly, due to the employees being away from the normally very safe online spaces within offices. Working from home means people’s devices and WiFi networks can be easily accessed, and sensitive information can be pirated.
 
These are the five of the most common work security mistakes so you can spot them before they happen.
 
1. Weak Passwords
Passwords are the most common and most effective way to secure your devices but it’s easy to get complacent about them. A strong password will require upper and lower case characters, numbers and special characters. They should also not be specifically related to anything in a person’s life that can be easily deciphered, for example their birthday or their pets name.
 
With many different accounts employees must use sometimes, it’s not uncommon for them to use the same password every time or choose to use a weak password, which can greatly compromise the sensitive information for your business. If your employees struggle to remember passwords, have them use a password manager. It’s also very important passwords aren’t saved onto a personal browser’s history, we’ll explore this problem further along the article.
 
2. Taking Security Workarounds
Company security policies can prove to be burdensome at times, they can be complex and sometimes downright annoying. It’s not uncommon for employees to use workarounds to bypass security protocols and therefore save time and be more effective. Whilst this is a well intentioned trick, it can lead to a huge amount of security risks. Hackers will normally look at saved passwords in a person’s browser, as well as their autofill option, It’s the easiest way for them to find out the information they need without much effort so it’s crucial that employees follow safety protocols such as these and make sure they’re staying safe!
 
3. Sharing Devices With Friends & Family
In a work from home setting it’s normal to see employees using the same devices their family members or friends use. Whilst sometimes this is simply inevitable, it can be problematic. People may be unaware of certain security risks and may click on suspicious links or download files received from unknown email accounts. This is the main way hackers access devices and it can be an honest mistake that can cost a lot. If your employees are able to, they should not be sharing devices with anybody else. If this is a major concern for you and your enterprise, consider providing work laptops for your employees so they can continue sharing their personal ones.
 
4. Hitting 'Remind Me Tomorrow' On Software Updates
Yes, that pesky button that keeps appearing every once in a while on your top right corner on your screen. Most people find these updates to be annoying and sometimes plainly unnecessary, but software updates do serve their purpose. The most updated machines are often the safest ones as they’ve updated all the services you use, including web browsing and firewalls as well as other anti-virus equipment. Encourage your employees to keep their machines updated as it’s a very simple step that can be incredibly helpful when fighting off cyber-attacks.
 
5. Be Mindful Of How much Access You Give Contractors
If you work with external vendors and contractors, be mindful of how much access you give them into your IT systems. It’s important to follow the principles of limited access, meaning giving them only the access to the part of the system they strictly need to fulfil their jobs. This is good practice and avoids ill-intentioned people from picking up information from you that you may not even realise has been stolen. 
 
Summary
Overall, cyber security is more important now than ever, so it’s essential to maintain good practices when you’re in and out of your office, keep your business and your employees safe from hackers.
 
Elizabeth Hines is a Technical writer who works at at Do My Assignment online service.       Image: Unsplash
 
You Might Also Read: 
 
Managing  A Remote Team To Protect Against Cyber Attacks:
 
 
« Biden Warns Putin The US Will React To Attacks
British Police Double Down On CyberAlarm »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D)

Giesecke+Devrient develop security technologies in four major areas: enabling secure payment, providing trusted connectivity, safeguarding identities and protecting digital infrastructures.

Advantech

Advantech

Advantech is a leader in providing trusted innovative embedded and automation products and solutions. Activities include IoT security.

Riverside Research

Riverside Research

Riverside Research is a not-for-profit organization chartered to advance scientific research in areas including Trusted & Resilient Systems.

National Cybersecurity Hub - South Africa

National Cybersecurity Hub - South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

Cancom

Cancom

CANCOM group is one of the leading providers of IT infrastructure and IT services in Germany and Austria. Solution areas include network security.

SQN Banking Systems

SQN Banking Systems

SQN Banking Systems fraud detection software products are a critical step towards overcoming the growing problem of fraud across the various payment channels.

Dracoon

Dracoon

DRACOON is market leader in the German-speaking region for secure enterprise file sharing.

CyGlass

CyGlass

CyGlass simply and effectively identifies, detects, and responds to threats to your network without requiring any additional hardware, software, or people.

HEQA Security

HEQA Security

HEQA Security (formerly QuantLR) offer the world’s most cost-effective, easy-to-integrate, and secure Quantum Key Distribution (QKD) solution

Zuul IoT

Zuul IoT

Zuul take an asset-centric approach to OT security, enabling security teams to protect the critical IIoT/IoT devices that are at the foundation of critical business functions.

AI Spera

AI Spera

AI-Driven Cyber Threat Intelligence Security. AI Spera provides real-time intelligence to empower your security competences in all aspects of the business.

Sayers

Sayers

Sayers is best known for its ability to solve business challenges with IT solutions. Our areas of expertise include cloud, storage, virtualization, security, mobility and networking.

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.

Assura

Assura

Assura provides innovative cybersecurity advisory and managed services to all industries including government, healthcare, financial, manufacturing, and transportation sectors.

Smartcomply

Smartcomply

Smartcomply is an automated and AI-powered cybersecurity and compliance platform that aids businesses in reducing the time and money spent on cybersecurity and compliance.