December 2, 2020
December 14, 2020
From ‘Zoombombings‘ to data breaches, many businesses have seen their fair share of cybersecurity challenges in 2020. According to a Greathorn survey, organizations fight off an average of 1,185 phishing attacks every month.
Your company has a duty to keep its employees’ private information safe. To combat those with malicious intent, it’s important that you make cybersecurity awareness, prevention, and security best practices a part of your company culture. Take these steps to protect your employee information in 2021.
In October 2020, Pfizer suffered a huge data breach because of unsecured cloud storage. Secure data storage needs to take priority in 2021. Be aware of where you store critical employee information and corporate data and who has access to them. Performing a security audit will flag any insecure storage.
If you don’t already use an HRIS, get to know the ins and outs of how it keeps your employee information safe.
Create or update your ‘acceptable use’ policy. This outlines the appropriate use of business assets and employee information. You’ll want to include details of who has access to your employee information and how said information will be used. Your policy should also detail the procedures your business will follow if a violation takes place.
That brings us to planning:
An incident response plan could be your saving grace in a crisis. In a post for Medium, ATG IT outlines the key sections to have in your plan. These include:
Depending on your industry and the rules and regulations surrounding it, you might need to include more or less guidance. It’s a good idea to keep an eye on any upcoming changes to laws and standards too. Ensuring your company has an internal incident response plan and the appropriate resources to handle a cybersecurity breach is crucial.
Drawing up a policy is one thing, but enforcing it is another. In 2021, it’s a great idea to get into the habit of regularly reviewing who has access to sensitive information and updating authorizations accordingly. You should review your policy at least twice a year to ensure it addresses the most current security best practices.
Human error is one of the prime suspects when it comes to cyber breaches. Educating and training your staff on security best practices is, therefore, vital – especially with the recent rise of remote work. Reminding employees of the basics is a good start: provide detailed information on things like:
Make 2021 the year you develop watertight cybersecurity. There are plenty of free educational and training resources out there to get your company on the right track. It doesn’t have to be a dull process, either – try making it more memorable by gamifying the training.
Cybersecurity breaches cost companies millions of dollars every year in fines and legal fees. Don’t let it cost you an arm and a leg in 2021- schedule a meeting with your IT team and discuss possible liabilities. Together, you can come up with a proactive plan to mitigate any future cybersecurity risks your company might face.