Security Slideshow: High-Risk Employee Behavior: 10 Areas to WatchBy Don Reisinger | Posted 01-11-2011
Dangerous browsing habits
We know the dangers that lurk on the Internet. But your employees don't necessarily recognize this. Some Web sites are crawling with malware, while others can potentially send employees to dangerous sites. Make education a priority and keep a close eye on browsing habits.
The attachment war
E-mail attachments can be dangerous. Employees should be made fully aware that, even if they receive an E-mail from someone they know, they can't necessarily trust that the attachment is safe. Do all your employees know this?
Rooting out spam
Although you undoubtedly have spam filters, far too many unwanted messages sneak through even the most capable solutions. Teach employees to quickly and easily spot spam and encourage them to delete these messages without clicking on them.
Backup early & often
Believe it or not, some companies forget about the importance of backups. Hard drives fail, servers can go down, and having redundant storage in place only goes so far. Educate your employees about the company's data-backup policies and make sure they're abiding by these.
Applications are creeping into the enterprise through every crack and crevice. Policies will only be followed if there are consequences for violators. Make sure employees know that if they're using software that hasn't been authorized for use on their corporate computers, it must be removed immediately - and then make sure this actually happens. Unauthorized software can cause major productivity and security issues.
The lowly USB drive
They're ubiquitous and capable of storing large amounts of data. A USB was the alleged medium by which U.S. Diplomatic cables were shared with WikiLeaks. What's your USB policy? Set it, and don't forget it.
If you don't already have a use policy regarding sites such as Facebook and Twitter, this is the year to create one. Remind employees of the dangers that can lurk in links shared on social networks, and teach them to be healthy skeptics about how they use these tools to share information.
Tablets, smartphones are everywhere
It's up to you to make sure that when employees access corporate data on those devices, they're doing so securely. Educate employees about encryption, updating security settings and backing up data on mobile devices as often as they do on PCs. Make sure you've got the right IT administrative tools to manage your growing mobile user base.
The mobile employee
Workers are more likely to engage in dangerous behaviors when they're away from the office and the prying eyes of IT staff. Moreover, you need to be concerned about how they're transferring data over unsecured Wi-Fi networks. Having several mobile safeguards in place should be a top priority in 2011.
Distractions = lost productivity
There are more distractions vying for your employees' attention today than ever before. Social media, mobile apps, games, online content, online shopping-these are all lures that beckon the procrastinators among us. Figure out how much fun is too much fun, set policies, and then enforce those limits.