IT professionals do a lot behind the scenes to keep networks safe. Users also have to do their part. They can do a lot of simple things, but they could also be doing a lot wrong.
These are the top security mistakes that users may make, along with some tips to improve your security to keep your company and them safe.
1. Don’t fall for phishing emails
This is why phishing is number one. Bogus emails that purport to request login to your bank account or email address, and links to pixel-perfect copies, are difficult to spot even for the most tech-savvy.
Learn how to become a security expert with SPOTO’s Cybersecurity Training
Start training It’s business as usual. No one would blink an eye. These scams have cost millions of dollars. You have to ensure that your SPF records are correct in order to prevent someone from spoofing the domain. No? !
Attachments are another option. If someone handed you a package and told you to open it and eat what’s inside, would you take it? Email is the same.
2. Sharing passwords
Sharon, Sheryl, and Sherry all know each others’ passwords. How else will they log in to each other’s computers to access something? Or they all have the same login to the same site or application.
This also applies to users who tell you their passwords. Log in as a user to change their password. Then, do your work and then help them change it again. This protects you and emphasizes to them that no one, not even IT, needs to know their password.
3. Unlock their computer
You can give anyone who passes you access to your email, files, or other sites. Windows 7 includes this super creepy wallpaper as a gentle prank to teach them a lesson.
4. Simple passwords
Could be their spouse’s/kids’/dog’s names, or a single word. How important is password security? You can read the rest. We didn’t warn, but we won’t lie to you.
5. Do not pay attention to system updates
“Reboot now to install updates!” I’m finishing this TPS report. Rebooting will take up to 30 minutes of my day! Tomorrow is my day! *clicks ignore*
The next day…
“Reboot now to install updates ?!?!”
6. The random USB drive they found in a parking lot
Yeah, just stick that thing in your computer and open anything that’s on it, it’s fine, thisisakittenvideoandtotallynotmalware.exe, sounds totally legit.
7. Disable anti-virus
“But it slows down my computer!” It doesn’t slow down your computer by having 40 Chrome tabs open and all of the Office programs open simultaneously. Malware, spyware, ransomware, and other malware all slow down your computer.
Wait Mr. IT Pro, your AV does not have central management that allows you to lock down the AV application settings and allows you to see if every computer has AV installed. Shame on you, it’s time to look for a better solution.
8. Not keeping a clean desk
We are not talking about the Coke cans or dirty mugs. We are talking about paper with confidential information and sticky notes that have passwords visible. You must lock up any paperwork you have, and burn sticky note passwords. Do your dishes.
9. They can install any software they wish
Different companies have different policies. Some restrict you to a few apps, while others block you from installing any other apps. Some claim that these apps are used by IT, and they will approve you for any other apps. They won’t. Sometimes they have free reign. Who knows what they’re installing.
10. Access company resources using personal devices