According to research by the Ponemon Institute, approximately 80% of business data breaches are a result of human error. An article over on Entrepreneur explores ways to improve your small businesses security awareness.
It only takes one careless employee to cause a big issue.”
Entrepreneur provides a great example of how one employees’ simple mistake could cost an entire business.
Sally, is checking her personal email at work and opens one that promises she will lose 10 pounds within the next week. She clicks the link inside of the email and without her realizing it, this action installs a virus on to her computer. Not only is the virus now on her computer, it is also infiltrating the network.”
This example shows just how quickly and simply an employee can fall victim to a data breach. Since human error is the leading cause of a data breach, it is vital that small business owners educate their employees on security awareness.
Some great ways to educate your employees on security issues include:
- Set up a “phishing simulation”. This will send your employees emails with links that look legitimate. Once your employee opens the link, they will be directed to a page letting them know they fell for a phishing scam. This of course, will be a simulation and not infect their computer, but is a great way for an employee to see how easily a cybercriminal can strike.
Make sure the emails are random and unpredictable by sending them throughout the day with different content. It is also important to send another phishing simulation to those individuals who fell for the first one a few weeks later to ensure they have learned what to look for.
- Consider hiring a professional to attempt to collect sensitive business data from your employees through various method such as telephone, email or in person.
- Educate your staff and quiz them throughout the year to make sure they’re kept up-to-date with security awareness.
- Make sure employees understand the damage caused by a data breach including legal, financial and criminal consequences.
- Perform random workstation checks to ensure employees are not leaving sensitive information on their screens.
- Encourage staff to report suspicious activity.
You can never expose your employees to too many security tips! The more you educate employees on security awareness the better your chances become in not falling victim to a data breach.