Here are some no-excuses tips that will protect your business devices from malware and data breaches.
For every business, it's not a matter of "if" you will experience an attempted cyber attack or breach, but "when," security experts warn. And despite an increasingly sophisticated cyberthreat landscape, organizations are failing to proactively update their security defenses: 46% of IT professionals and business leaders said that their organization's security strategy rarely changes substantially, even after suffering a cyberattack, according to a recent report.
Even if your company doesn't have the strongest cybersecurity measures in place, there are still things that employees can do to keep their individuals devices as secure as possible, and protect both their data and that of any clients.
Here are five easy tips for keeping yourself cybersecure at work.
SEE: Security awareness and training policy (Tech Pro Research)
1. Be extremely wary of links and downloads received via email
"Lot of attacks happen today over email, and the attackers often use social engineering as the first step of a compromise attempt," said Engin Kirda, professor of computer science at Northeastern University.
If you can, avoid clicking on any link that you receive via email, Kirda said. "If you need to check a link, if you use an anonymous proxy site to open that link, the risk of an infection would be reduced," he added.
Attachments are also how infections get into your system, Kirda said. Loading attachments like PDFs or Word documents into Google Drive first and opening them there reducing your chance of getting infected, he added.
2. Take caution when installing apps
Be very careful installing anything new on your work or home machine, Kirda said. "Some 'open source' applications that are free might be bundled with Spyware," he added.
3. Update everything regularly
Updating all of your systems regularly is key for staying cyber secure, Kirda said. Failing to update systems and software has led to a number of major breaches and attacks—including the Equifax breach—and excuses for failing to update must become a thing of the past.
4. Protect your home devices
If your home device is compromised, it puts your professional life at risk, according to Forrester principal analyst Jeff Pollard.
If your company offers home security products as a part of your employee benefits package, sign up for them, Pollard recommended. "The big security software players will often offer companies the option to offer employees anti-malware software for their home laptops and desktops," he said. "Since so many of us log in, check email, and open attachments from work on non-work devices this makes lots of sense."
5. Avoid reusing passwords
Making sure you don't use the same passwords for different work and personal accounts is one way to limit your exposure to cyberthreats, Pollard said.
However, choosing complex passwords that you can actually remember and not reuse is difficult, he added. "A password manager—either an app on the endpoint or a browser plugin—is a great way to avoid the habit of repeatedly using easy to guess passwords," Pollard said.
- Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic)
- Your failure to apply critical cybersecurity updates is putting your company at risk from the next WannaCry or Petya (ZDNet)
- Ransomware: A cheat sheet for professionals (TechRepublic)
- 3 things you need to know about cybersecurity in an IoT and mobile world (ZDNet)
- How to make your employees care about cybersecurity: 10 tips (TechRepublic)