News & Views

Are staff putting your company’s data security at risk?

by John Lane - Oct 7, 2016

computer-1591018_960_720.jpg

The internet has become something of a commodity in many modern workplaces. Whether troubleshooting errors or Skyping colleagues on the other side of the world, the convenience, communication, and information it provides is vital for doing business.

But there’s also a dark side to your staff having internet access on the company network. According to a study by Arlington Research, a company’s employees pose the greatest threat to its data security.

Here are eight potentially dangerous activities your staff could be up to on your company network:

Downloading torrents

Many of today’s millennial workforce grew up in the file-sharing heyday of LimeWire, Napster and BitTorrent. Unfortunately for IT managers the world over, a considerable number have brought their piracy habits into the office. In a 2015 report, 23% of surveyed companies showed P2P file-sharing activity – a large percentage of which involved files infected with malware.

Reckless social media use

Spending time on social media isn’t only a productivity issue; it can expose employees to innumerable suspicious links and malicious files. Social media is also a phisher’s playground, so make sure to implement a comprehensive policy on social media use in the workplace.

Adult entertainment websites

This one should really go without saying, but the stats say otherwise. According to the Society for Human Resource Management 70% of all online porn is viewed between the hours of 9 am and 5 pm, i.e., during office hours. Regardless of your views on the adult entertainment industry, the fact of the matter is that porn is more likely to involve high-risk sites that put your network and data security at risk.

Using unsecured personal devices

With the proliferation of Bring Your Own Device (BYOD) policies, an increasing number of company networks are flooded with an array of personal devices – from tablets and laptops to phablets and Fitbits. With so many devices on your network, it can be difficult to ensure that each and every one is secure and doesn’t put your data security at risk. The best way to combat this is to invest in comprehensive managed endpoint security, as well as network visibility that lets you see exactly who’s on your network at any given time.

Using their personal email at work

As a certain American political figure has demonstrated, it’s not always the best idea to use your personal email at work. There’s a reason your employees are given a work email address – and it’s not only for their correspondence to look more professional. Company emails are often more secure, and eliminate the risks of leaving optimal email selection up to each employee. The risk to data security simply isn’t worth leaving it up to chance. Another reason an employee might use personal email is to send larger files. Many companies limit the amount of data sent over company mail networks for security purposes and to keep the company’s network running smoothly.

Downloading attachments with malware or a virus

According to a study by McAfee, cybercrime that involves unsuspecting users downloading malicious attachments accounts for $375 billion in losses to the global economy – and that’s a conservative estimate. This risk can be minimised by implementing a company-wide internet usage policy that prohibits anyone from downloading non-work-related files and attachments.

Downloading free programs from unsecure websites

There’s a seemingly endless amount of software out there, which can be tricky to navigate if you need something but don’t have a particular solution in mind. This is especially a problem in the workplace, where people often take their own initiative to find programs that increase their efficiency and speed up their work processes. The problem is, free software and tools often have hidden additional programs like adware or even spyware. And while you can’t exactly blame employees for trying to do their job better, you can go out of your way to make sure they have all the tools and software (fully licensed professional versions, ideally) they need to do their jobs smoothly and efficiently.

Before you take to the office floor and accuse your employees of any of the above, it’s worth assessing your own network infrastructure to determine what you can do to minimise risk and increase your data security. You need comprehensive IT protection that includes endpoint security and data backup plans, not just a social media policy or restrictions on personal device use. To learn how you can make this a reality for your network, get in touch.

 

TAKE OUR I.T. HEALTH CHECK

TAGS: it strategy