With recent headlines talking about stolen emails and possibly state-sponsored system hacking, every enterprise should be more than a little concerned about cyber security and the overall safety of their data. Let’s face it–your information technology systems have been, or someday will be, compromised. No amount of planning nor technological countermeasures is likely to be enough to stop motivated perpetrators from penetrating your defenses.

There is one simple reason for this lack of defensive capability when it comes to cyber security–people. It is a universal truth in security circles that people are the weakest link in the cyber security chain. The key to strengthening this link in the chain is education and training.

Stop. Think. Connect.

October is National Cyber Security Awareness Month. The annual event is sponsored by the National Cyber Security Alliance and is designed to be an education tool for teaching employees of both enterprises and governments how to be more secure in their daily interactions with information technology. The signature campaign is Stop. Think. Connect.

Every enterprise should take some time to educate employees about their responsibilities as cyber-citizens to maintain security when using enterprise-provided information technology equipment. Better educated and better prepared employees can greatly improve security and bring at least some peace of mind to the enterprise CTO.

SEE: Cyberwar and the Future of Cybersecurity (ZDNet special feature)

Microsoft’s efforts

Cyber security, or the lack thereof, is of great concern to the entire information technology industry. Microsoft backs up the efforts of the National Cyber Security Alliance with its own efforts to educate users of Windows 10, Office 365, and Azure.

While much of Microsoft’s efforts deal with consumers and their propensity to dismiss or ignore cyber security concerns, the company also offers educational materials for enterprises looking to spread awareness about cyber security. Microsoft offers four top tips for internet safety at work (PDF):

  • Defend your computer: Keep all software up to date and don’t be tricked into downloading malicious software.
  • Protect company data and financial assets: Don’t put confidential information in unencrypted emails or text messages.
  • Create strong passwords and keep them private: Use a unique password for each device.
  • Guard company data when you’re on the go: Treat all public Wi-Fi networks as a security risk.

While these tips seem basic and to a certain extent common knowledge, they are often forgotten or ignored in the name of convenience and that is a recipe for disaster. Enterprises can’t afford to let these simple procedures slide.

SEE: 5 things we learned about the state of cybersecurity from Structure Security 2016

Bottom line

Cyber security in this IT-driven world should be a major concern for your enterprise. Even the best technological defenses will not prevent a cyberattack on your enterprise information systems if your employees are not educated and trained on how to operate computer systems securely.

It is in the best interest of Microsoft and all the other companies operating in the information technology industry that your enterprise be as secure as possible. This is why so many of these companies support the efforts of the National Cyber Security Alliance and its continuing attempts to educate employees and consumers about cyber security threats and how attacks can be thwarted.

Following a few simple guidelines is all it takes, but enterprises and their employees must buy into the solution completely. So the question is: How well does your enterprise enforce cyber security procedures?

Also read…

Your thoughts

How well does your enterprise enforce cyber security procedures? Is it doing enough? Share your opinions with fellow TechRepublic members.