HR and IT must collaborate in order to set out clear and well-publicised rules while using training sessions to educate users on the consequences of non-compliance. In addition, conducting internal IT security policy quizzes or tests for employees will encourage users to learn policy violations and their potential impact on the business. You can also consider registering employees for free daily online security tips, like these from the SANS Institute.
The simple, and often common-sense measures that employees can do to help keep data secure are often the most effective, including the immediate reporting of lost devices, working closely with the company’s IT team, refraining from installing apps from unknown sources, not putting off security updates and ensuring users have strong passwords suitable for corporate systems.
Companies must also be cognizant of data theft from within the organisation, often caused by the ease of access to data. A concerted plan to curb employee data theft should incorporate admin, human resources, IT and top-level management. There are steps that a watchful and well-equipped IT department can take to pre-empt data theft, with network data providing valuable insights into employee behaviour. With the help of a reliable security and information event management tool, you can build rules to restrict unauthorised access and be notified about violations. You can also build an authorised group with limited people and ensure that they are the only ones with privileged access to business critical data.
Security education is part of smart security preparation. Better awareness and preparedness will help avoid many commonplace security lapses. Cyber-security threats are not just the preserve of the enterprise and SMEs must also be prepared, but it’s important for organisations to keep in mind that budgetary restrictions don’t have to entirely compromise IT functionality. SMEs do not have to invest in costly and sophisticated enterprise solutions for IT security. The trick is to leverage on free monitoring technologies available on your devices, find the optimum tools that are affordable and efficiently serve multiple network and security requirements while accounting for cost savings.
Don Thomas Jacob works at SolarWinds
Share this story