Have you been collecting the latest pieces of evidence in our Cyber Clues mystery? The clock is ticking to uncover:
The characters in the game represent 6 all-too-common habits that can lead to internal cyber security breaches in organisations of all sizes.
We often say that your business is only as secure as your weakest link. Your team members and their attitudes toward cyber security can be the best defence or the biggest risk where phishing scams, malware and viruses are concerned. So, let's take a closer look at these characters and how their choices are leaving the door open for cyber crime!
1) Unsecured Devices
Like Tuneful Tara, your staff may be accustomed to connecting personal devices to the network, from mobile phones and tablets to personal USB drives or laptops. In theory, a BYOD (bring your own device) policy can be excellent for saving on hardware, but these unsecured devices represent tens or hundreds of entry points for cyber criminals to sneak into your IT systems.
As remote working increases in popularity, consider endpoint security, which works in tandem with your existing security systems to help you:
2) Delaying Security Updates
Postpone Pascal really dislikes when a new software and security update changes the settings on his computer, so he always puts them off for later. Does this sound familiar?
Although updates can take some time and re-arrange some of your settings, they are absolutely worth the effort. Old and unpatched software likely contains weak spots that can be easily manipulated and hacked. Updates are often released solely to improve security.
A cloud-powered service like desktop virtualisation allows for regular software updates that are centrally-managed and applied to every virtual machine (VM), so individual users aren't able to delay the updates like Pascal.
3) Clicking Suspicious Links
Are you guilty of being like Clicky Cameron? He's very thorough, although he can't help but click on every link, attachment and website he sees. Whether it's a targeted ad or an unfamiliar email, curiosity gets the better of him every time.
Unfortunately, statistics show that 91% of sophisticated cybercriminals start through email. Those links that Cameron can't resist clicking are one of the simplest ways for viruses to infect your network. Training your staff to be extra cautious about unknown links is incredibly important!
4) Weak Passwords
Forgetful Fabio can never remember the passwords for all his different accounts, so he keeps them simple and similar...and he writes them down! Everyone in the office knows that they can pop by his desk or send him a quick message for the password to any shared log-ins.
Multi-factor authentication is just one of the layers of security that you can add to help individuals like Forgetful Fabio. Regularly changing passwords and using password management software are also recommended.
5) Sharing Sensitive Information
Whimsical Wilma sees the best in everyone, and she's happy to share information about company policies...anything really to whoever wants to know! Unfortunately, what she doesn't realise is that this slow drip of information (about the software they use, where information is stored and who has access to it) is a massive security risk! Adopt a company policy of only sharing information on a 'need to know' basis, and stay firm!
And, finally, 6) Skipping the Office Security Awareness Training.
At SysGroup, we understand that your employees may not be thrilled about seeing "Security Awareness Training" on the schedule. Busy Bimela is a prime example of this attitude. She knows it's important, but she's just too busy! After all, she's not part of the IT department, so she doesn't need specific training right?
Our online or in-person security awareness training offers an engaging and interactive way for your team to understand how phishing scams and cyber attacks work. They will understand the importance of their role and how they are easy targets when they bypass standard procedures and let their guard down.
Our security awareness training offers: