Cyber Security Best Practices for Employees

by | Feb 3, 2016 | Security

used with permission from Norton by Symantec, by Nadia Kovacs

employee_practices_securityEmployees are on the front lines of information security. The more that can be done to regularly educate yourself of the small things you can do can go a long way towards protecting your organization.

Since it is the beginning of the year, many people are returning to work and trying to get out of “vacation mode.” (Us too!) We’ve decided to outline some tips to help you throughout the year to stay safe online while protecting your company in the process.

General Best Practices

  • Avoid providing personal information when answering an email, unsolicited phone call, text message or instant message.
  • Never enter personal information in a pop-up web page or anywhere else that you did not initiate.
  • Keep security software and all other software programs updated.

Cyber Security Best Practices

  • Phishers will try to trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT. Be sure to contact your IT department if you or your coworkers receive suspicious calls.
  • Don’t leak intellectual property- even accidentally. Sharing a picture with a whiteboard or computer screen in the background online could reveal more than someone outside of your company should see.
  • Report security warnings from your Internet security software to IT immediately, chances are, they aren’t aware of all threats that occur.
  • If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless Internet. If offered, make sure you know how to connect to the company’s Virtual Private Network (VPN).
  • Be cautious of links and attachments in emails from senders you don’t recognize. Phishers prey on employees who open these without checking them out, opening the door to malware.

Online Behavior

  • Don’t steal. Taking intellectual property and releasing professional secrets are likely against corporate policies. Your company may track sensitive documents and you could get into hot water.
  • Read your company’s Acceptable Electronic Use (AEU) policy, and follow the policies for safe use of your devices.
  • When backing up to cloud services, be sure to talk to your IT department first, for a list of acceptable cloud solutions. Organizations can make this part of their AEU policy and make it a fire-able offense.

Best Practices for When to Contact Support

  • Call IT before you get in over your head. Often what starts as a simple update can be made more complex by attempting to “fix” the problem.
  • When you Bring Your Own Device (BYOD), ask your IT department if your device is allowed to access corporate data before you upload anything to it. Use authorized applications to access sensitive documents.
  • Learn the process for allowing IT to connect to your system. This can save time when you contact support and they need access to resolve an issue.
  • Learn basic computer hardware terms. This can save valuable time when you contact support and don’t have to describe the “mouse connector-thingy.”