Discover the best practices of information security PDF that every employee should know.
Why Employees Should Care About Information Security?
Why bother if it is not your duty? After all, the company has an IT department. Not to mention the skillful information security manager on the oversight. Adding to this is a strongly developed information security policy.
So an employee might ask himself, why bother, though?
To tell you, all their skills and efforts can be put to waste, if you make that innocent act of negligence.
Yes, you are. You should know that as an employee, you are staged on the frontlines of information security.
Consider. As an employee, you handle corporate data. As an employee, you represent your company. Also, as an employee, you make use of the corporate’s devices and networks.
Isn’t that enough to tell you that your corporation’s information security lies in each one of you?
“We’re Only Doing The Small Business”
Some may reason, though. But, is it true that small businesses are invincible to attacks?
In reality, no.
Do you know that in 2020 alone, up to 18% of security breaches take place with small business entities?
This is because small businesses are attractive with their low-security standards. Because of the misconception that threats only attack large organizations.
So, whether you are working with either small, medium, or large business entities, be security-responsible.
Information Security PDF: Best Practices That Every Employee Should Know
1. Protect Data
As much as you secure your privacy, then do so with your company’s data.
For all certainty, you will secure Social Security numbers and credit card numbers. Moreover, for sure you should not talk to strangers.
It’s all the same easy practice you should employ upon handling corporate data. So be careful, I mean, ‘always’ be ‘extra’ careful.
Here are a few reminders:
- When posting a picture on social media, make sure no details of the company are shown in the background. May it be on a whiteboard or a computer screen.
- Respect other company’s intellectual property. So be careful not to disclose IP or any trade secrets of other companies.
- Report any suspicious emails or ransomware in the system.
2. Avoid Pop-Ups, Unknown Emails, and Links
In most cases, employees accidentally put their company data by rush actions. Perhaps, unknowingly click links or open pop-up windows.
Here are a few reminders:
- Never fill in personal or company information in response to an email, pop-ups, or any illegitimate sources
- Make use of email authentication technology
- Always contact your security department in these cases
3. Use Strong Password Protection and Authentication
This may sound pretty easy and obvious. But, in reality, this can cost you millions otherwise.
Here are a few reminders:
- Use passwords with at least 10 characters
- Passwords should have numbers, symbols, capital, and lowercase letters
- Change passwords regularly
- Make use of a password manager, perhaps
4. Only Connect To Secure Wi-Fi Networks
This is especially crucial when you are working remotely. Wi-Fi networks can serve as gateways to company data and servers.
Here are a few reminders:
- Make sure that office networks are kept secure, encrypted, and hidden
- When working remotely, make use of VPNs (a virtual private network)