Employees are your last line of defense when it comes to cyber security. It is extremely important that employees understand security practices and how to act on them in order to be an additional layer of security to the technical filters you already have in place. Below are 7 reasons why companies need to create a “Human Firewall” as soon as possible:
1. Ransomware is the most common severe attack
Ransomware is a top threat that can bring down your whole network. Companies should limit permission for network sharing only to employees who require it and train employees to recognize the red flags of ransomware.
2. Phishing attempts are the most common way to steal your financial information
Cybercriminals most commonly use phishing emails or a fake website to steal your financial information. Remember that the CRA and banking institutions will not contact you by email to request personal or financial information, so ignore these kinds of emails.
3. CEO Fraud comes second in ways to steal your financial information
High-risk users for CEO Fraud are those in the Accounting and Human Resources department. These employees should be frequently exposed to simulated CEO Fraud attacks so they can recognize and prevent these attacks from occurring.
4. Phone Scams
Hackers can call your company and pose as Tech Support or a CRA employee in order to get access to your workstation or financial information. Your employees need to be trained to identify when phone scams happen and what to do if they are being scammed.
5. Your Antivirus is getting less and less effective
According the Virus Bulletin, the Antivirus industry’s premier insider site, the detection rates have dropped from about 80% down to 67-70% over the past 9 months. If a malicious email isn’t caught by your antivirus, it may not be caught by your spam filter either. One in 200 emails with malicious attachments make it through which means there is high potential for malware to enter your employees’ inboxes everyday.
6. The Internet Of Things
It is important that your employees understand how connected technology is. Both consumer and commercial devices are connected to each other and the internet through wireless protocols. Vendors are quickly creating products to stay competitive, but ignore developing proper security features. Your employees need to be trained to change default passwords and disable remote access, as well as doing drills to prepare for any kind of attack.
7. Over-reliance On Web Services
Be aware of “Shadow-IT”: employees who use IT systems or solutions within an organisation without the approval or knowledge of the IT department. This is an invitation to many vulnerabilities and data breaches that IT cannot control. Your employees need to know about the dangers and risks of Shadow-IT.
Be aware of web and mobile apps: only install web and mobile apps that are approved by your IT department. Web and mobile apps have become more vulnerable to attacks since they have the ability to communicate with third-party services that can steal personal data and information.
For a review of your IT network security and advice on how to protect your organization both from a technical and human perspective, give BSC Solutions Group a call today.
