Our recent launch of the Baseline Employee Cybersecurity Assessment provides MSPs with a new tool to add to their prospecting and baseline risk detection efforts. As an MSP, it gives you the opportunity to show prospects and clients that human security plays a key role in protecting their organization and that without proper ongoing training, employees are an easy entry point for cybercriminals.
While a security risk assessment will identify gaps in a business environment, the human element should never be overlooked or assumed to be foolproof. Ongoing training is critical, but this assessment provides a deeper dive into which part of that human factor needs to be strengthened. The Baseline Employee Cybersecurity Assessment is delivered via a URL and is made up of a series of questions across six different cybersecurity categories, showing organizations where employees are struggling the most and maybe the most likely to fall victim to a malicious attempt made by cybercriminals.
This week we’re focusing on the Social Media component of the assessment.
Oh, social media. The tools that we love to hate and hate to love. The way in which we keep in touch, share (and overshare) information, and from a professional viewpoint, engage with our customers and clientele. Social media can make a business and yes if handled incorrectly, break it as well. Your brand is your business and part of that brand includes how you interact on social platforms. And anyone with access – whether they post and interact as an “official” representative of the business, or are indirectly associated because they are an employee, will influence how the public perceives your business. And if you are in the healthcare business, HIPAA laws can be applied as well.
In this section of the assessment, we ask the questions that focus on behaviors when engaging with social media and identify behaviors that can lead to a breach or compromised data. For example, should you reply to a customer or patient’s complaint online? And when it comes to surveys, quizzes, or other information-gathering posts, are employees aware of the dangers that those can pose? Cybercriminals are collecting your answers to gather the information that can provide access to a company’s network or deliver malicious links. It isn’t hard in an electronic age to connect who works where, and then cross-reference any information that is found on the dark web to initiate a breach with that information.
If you have an official social media account for your business, guidelines for interaction with outside parties should be discussed and defined as well. The cybersecurity of your business is dependent on the smart and safe behaviors of your team. Mistakes can easily and unintentionally be made when it comes to providing too much personal information on these public platforms – regardless of what they believe their privacy settings are. Additionally, you need to consider unsecured mobile devices and unused accounts. Are you providing an open door to cybercriminals by not paying attention?
This section can act as a conversation starter with your clients as you work to help them define how social media affects their business and what their expectations are around employee behaviors and accountability.
How To Use the Results
After each employee completes their assessment, the results are recorded along with the overall time taken to complete the assessment. You are then given a report to share with client management that provides the average score across all employees who completed the assessment, as well as their individual scores. The report breaks down each of the six categories to show management where their employees are struggling the most. This new tool changes the way MSPs can show their prospects and clients their human security risks at baseline, helping to highlight the critical need for an ongoing security awareness training program to reduce those risks. We’re excited to add the Baseline Employee Cybersecurity Assessment to our platform as another way for MSPs to expand and grow their businesses. This tool is now available for Breach Secure Now partners! If you’re a current partner and have questions on how to access this tool, or if you’re interested in learning more about how you can get your hands on this game-changer, you can contact us today! And, did we mention, it is INCLUDED with a Breach Secure Now partner subscription at no additional cost? Get started today!