There are things that your employees do on a daily basis that threated the security of your network, but they are by no means doing it maliciously. Much of what they do to threaten the network is actually outside of it, which is why you don’t know about it.
Here are the most common things they do on a regular basis that threaten the IT security of your organization.
1. They don’t maintain their systems.
Home systems don’t usually receive the same scrutiny office computers do. While operating systems are updated pretty regularly and automatically, the same cannot be said for browsers. Out of date browsers provide ample security holes where infections can hold quickly. If your employees connect to your network from their home systems and are not regularly updating their browser versions or their operating systems, they are adding an unintended vulnerability to your IT security.
2. They are not careful about their internet habits.
When your employees are using their home computers, their habits are a bit different. They are not as vigilant about the links they click are often infected with malware, but are unaware of the exact source of the problem. Meaning that if they were to rid their system of the malware, they could easily pick it up again, being unaware of the originating source. This type of behavior threatens your network security when your employee uses this computer to connect to the network and introduces malware to environment.
3. They’re not aware of how password strength works.
Your employees create passwords that are easy for them to remember and as a result are easy to be cracked. The fact that adding one special character to a seven letter password can make a significant difference in the likelihood of having that password cracked is not something your employees are likely aware of. It’s also something they are probably unwilling to do as it would complicated their easy to remember password.
4. They re-use passwords across sites.
With so many sites requiring passwords, they tend to use the same one in as many sites as possible with very little variation at those sites that require different password strength. In all likelihood, they are using the same password in the company network as well as to gain remote access.
5. They are writing down the password.
The post it note with the password written on it, stuck to the monitor or next to the keyboard is a very common site. Your employees are not only doing this at home, but they are doing it in the office as well. With password policies enforcing the minimum character password strength and periodic password changes, many employees write them down lest they forget. There is little less secure than a password scrawled out right next to the system where the access is granted.
6. They use their personal email accounts to send business email.
Whether they have not managed to get their smartphone configured to get the company email, or their browser keeps giving them issue with connecting the webmail portal, employees will use their private email to send business mail. Using a gmail, yahoo or even a Hotmail account opens up your employees up to spear phishing attacks.
7. They lose flash drive with business data.
The convenience of quickly downloading a set of files onto a flash drive to work on later when there may be internet access to remotely access them otherwise is hard to pass up. It’s what flash drives were made for. But what they’re known for is falling out of pockets, disappearing out of bags and generally pulling disappearing acts; taking the company data with it, waiting for someone else to find it and access all that confidential information.
