67% of employees use their personal devices at work, and with an increasing number of people working remotely, this number is sure to rise. When we think of a business’ health and safety practices, we often think of things employers can do to protect the physical health of staff, but in an increasingly online world, it’s vital that employers also consider the safety of their workforce online. This means that employees need to be trained in safe internet usage, and while many people may think they know how to navigate the internet safely, it’s often the ‘obvious’ things that get overlooked and leave them the most vulnerable to cybercrime.
Ongoing education is essential
The most important thing businesses can do to protect employee safety online is to ensure that the whole team is educated about cybersecurity. This should be a regular topic covered in meetings and training sessions, and should be delivered to managers as well as to staff. The more sensitive information an individual has access to, the more popular they become as a target for cybercriminals: no matter how high up they are, regular online safety training is crucial. This training should include how to spot potential security concerns, how to protect personal and customer information, and how to navigate the internet safely.
The details matter
It’s easy for even the most web-savvy of people to expose themselves to cybercrime unknowingly, simply by not considering their password or search engine use. Employees use well-known search engines so regularly that it’s easy to forget that they are potentially a source of useful data for a cybercriminal. Companies funnel a lot of time and resources into optimizing their SEO to set them apart from the rest of their niche. Everyone from medical practitioners to legal professionals use carefully tailored SEO to ensure that the people who need their services find them – and choose them over their competitors.
Searching for exactly what you want to find on a reputable search engine is, therefore, a reliable way to find the service or information you’re looking for without including any personal information in your search. Search engine records will tell malicious users more about you, so including any personal information in that search may put you at risk. Details like this, along with using encrypted connections and safe passwords, may seem obvious, but these are the things that need constant relearning if employees are to remain vigilant and safe online.
Knowing what to look for
All employees should be aware of how to spot phishing scams and potential Trojan attacks. It’s crucial that staff understand the importance of not revealing sensitive information. A large number of malware scams are accidentally instigated by employees opening suspicious links or divulging private information in an email. Workers should therefore be encouraged to pass on any requests for private information to HR, which should be the only department handling the sharing of sensitive information. They should also be aware of fake URLs, social engineering and the dangers of other Wi-Fi enabled devices — it’s easy to forget that printers and scanners store private data, and are therefore also open to cyberattacks.
No detail is too small for inclusion in regular online safety training plans. The internet has become so integral to many people’s lives that it’s easy to take it for granted. And while that may make employees feel like they’re being told the obvious, it is the ‘obvious’ details that are most likely to jeopardize their safety.