Below are some important security awareness topics you should know
Phishing and Social Engineering
Social engineering is typically defined as an attack that’s based on deceiving users or administrators into divulging information. Phishing, an attempt to acquire sensitive information (passwords, usernames, payment details) from an individual through email, chat, or other means, is a common type of social engineering attack.
Passwords and Authentication
A very simple but often overlooked element that can help your company’s security is password security. Often commonly used passwords will be guessed by malicious actors in the hope of gaining access to your accounts. Using simple passwords, or having recognizable password patterns for employees can make it simple for cyber-criminals to access a large range of accounts. Once this information is stolen it can be made public or sold for profit on the deep web.
Internet and Email Use
Some employees may have already been exposed to data-breaches, by using simple or repeat emails for multiple accounts. One study found that 59% of end users use the same password for every account. This means that if one account is compromised, a hacker can use this password on work and social media accounts to gain access to all of the user’s information on these accounts.Often websites offer free software infected with malware, downloaded applications from trusted sources only is the best way to protect your computer from installing any malicious software.
If you’re one of those people who leave their passwords on sticky notes on their desk, you may want to throw them away. Though many attacks are likely to happen through digital mediums, keeping sensitive physical documents secured is vital to the integrity of your company’s security system.Simple awareness of the risks of leaving documents, unattended computers and passwords around the office space or home can reduce the security risk. By implementing a ‘clean-desk’ policy, the threat of unattended documents being stolen or copied can be significantly reduced.
Some employees who need to work remotely, travelling on trains and working on the move may need extra training in understanding how to safely use public Wi-Fi services. Fake public Wi-Fi networks, often posing in coffee shops as free Wi-Fi, can leave end users vulnerable to entering information into non-secure public servers.
Written by Stella Simon