<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=253481741744766&amp;ev=PageView&amp;noscript=1">

CSG Blog

How To Keep Your Employees From Leaking Confidential Information

Posted by Scott Spiro on Wednesday, 31 May 2017

Confidential Information.jpeg

Back in 2014, Code Spaces was murdered. The company offered tools for source code management, but they didn’t have solid control over sensitive information — including their backups. One cyberattack later, and Code Spaces was out of business. Their killer had used some standard techniques, but the most effective was getting an unwitting Code Space employee to help — likely via a phishing attack.

Employee Risk Management

When it comes to cybercrime that targets businesses, employees are the largest risks. Sure, your IT guys and gals are trained to recognize phishing attempts, funky websites, and other things that just don’t seem right. But can you say the same thing about the people in reception, or the folks over in sales?

Educate Employees on Basic Data Security

Sure, those employees might know that clicking on links or opening attachments in strange emails can cause issues. But things have become pretty sophisticated; cybercriminals can make it look like someone in your office is sending the email, even if the content looks funny. It only takes a click to compromise the system. It also only takes a click to Google a funny-looking link or ask IT about a weird download you don’t recognize.

Just as you can’t trust people to be email-savvy, you also can’t trust them to come up with good passwords. People still use birthdays, pet names, or even “password” as their passcodes — or they meet the bare-minimum standards for required passcode complexity. Randomly generated passcodes are better, and requiring multiple levels of authentication for secure data access is a must-do.

Extend Security Measures to Your Remote Work Policy

Remember, that’s just for the office. Once employees start working outside of your network, even more issues crop up. It’s not always possible to keep them from working from home, or from a coffee shop on the road. But it is possible to invest in security tools, like email encryption, that keep data more secure if they have to work outside your network. And if people are working remotely, remind them that walking away from the computer is a no-no. Anybody could lean over and see what they’re working on, download malware or spyware, or even swipe the entire device and walk out — all of which are cybersecurity disasters.

Prevent Against Malicious Employee Behavior

Last but not least, you need to consider the possibility of a deliberate security compromise. Whether they’re setting themselves up for a future job or setting you up for a vengeful fall, this common occurrence is hard to prevent. It’s possible that Code Space’s demise was the result of malice, so let it be a warning to you as well!

Whenever an employee leaves the company for any reason, remove their accounts and access to your data. And make it clear to employees that this behavior is considered stealing, or worse, and will be treated as such in criminal and civil court.

You really have your work cut out for you, huh? Fortunately, it’s still possible to run a secure-enough company in today’s world. Keep an eye on your data and on your employees. And foster an open communication that allows you to spot potential — or developing — compromises as soon as possible.

Contact us at (424) 393-1883, email scott.spiro[at]csgsupport.net, or visit http://www.csgsupport.net/free-assessment/ to schedule our Disaster Recovery Audit FREE of charge. Contact us TODAY to get scheduled!

Topics: Cybercrime, Confidential Information

FREE REPORT

What Should You Expect to Pay for IT Support in Los Angeles

Need IT support but don't how much it should cost? Download our FREE report to discover what most IT service companies in Los Angeles charge, what you should expect to pay for quality IT support, and how to get exactly what you need without unnecessary extras, hidden fees and fake, lowball estimates.

Fill out the form for your FREE executive report.

Recent Posts