Keeping Your Small Business Data Safe: Employee Education

By on September 22, 2014

When it comes to keeping your network secure, and sensitive information safe, a host of considerations must be taken into account. There is a lot of talk about software, firewalls and other  techy ‘stuff.’ These are certainly important.

But, the human element factors in heavily as well, and educating your employees ranks right up there. Here are just a few tips to get you started.

Educate Them on the Importance of Network Security

Whenever we want our employees to do something, it is always a good idea to let them know why. By understanding why doing something is important, they are much more likely to do it. Taking proper security measures is more likely to stay top-of-mind. Go into specific detail as to what can happen when we get sloppy with security, and the consequences for the business and its customers.

Keeping Your Small Business Data Safe: Employee Education

Develop a Clear Policy

If you want to ensure your employees are taking the necessary steps to keep your business safe, you must put together a network security policy that clearly outlines what types of activities are allowed and what isn’t. You must include information on password creation. Let employees know what steps to take should they do something ‘wrong.’ Explicitly state the consequences for knowingly violating the policy.

Make Sure Security Training is Ongoing

Training employees to be smarter about network security is not a one-and-done type of effort. It must be ongoing. Hackers are always looking for new and more clever ways to trick people into taking actions that will give them access to sensitive information. One example would be sending out a security tip of the day. If you aren’t able to come up with this on your own, the SANS institute offers a subscription where you can have one delivered daily. If a new phishing scheme has come on the scene, make sure you educate employees about how to avoid falling prey. If you requested passwords be changed at certain intervals, be sure to send out reminders.

Let Them Know Where to Go for Help and Questions

Whether it would be an in-house IT employee or a third-party vendor, make sure your employees know where to turn if they have made some sort of mistake or have a question. In this vein, provide information as to what people should do—or not do—in the meantime, until they get the assistance they need.

Realize the Limits

Educating employees can only take you so far. Human error accounts for a large part of security breaches, that is for sure. But, don’t fall into the trap of thinking you can scale back in other areas of your protection strategy because your employees are now better informed.  Make sure you are still up-to-date with security updates, patches and the like. Carefully select software to best meet your needs. For example, the best antivirus for Mac systems may be different than the ones for Windows. One program may be better than another depending on the primary use. You see what I’m getting at. Consider investing in tools that allow you to monitor activity—besides making the effort to educate your employees, you want to see what they are actually doing. These tools will help you nip issues in the bud, and see where you still may need to provide additional training.

About KelliCooper