3 types of employees that can totally screw up your security
Even if your employees said that being a perfectionist was their “biggest weakness” during their interview, they’re bound to screw up at one point or another. And in terms of cybersecurity, they can fudge up big time.
Contrary to popular belief, the biggest threat to your systems isn’t some hooded figure typing away in his mother’s basement; it’s reckless employees who are constantly letting them in. So if you’re serious about security, make sure to keep a close eye on the following people.
Larry from finance
Larry is a thirty-something financial manager who’s been with your company for over five years. He’s a solid employee who processes payrolls and reimbursements on time. But he’s also scared of upper management, and approves urgent wire transfers just to keep them happy.
While there’s nothing wrong with following the boss’s orders, it could lead to devastating hacks. One example is phishing emails disguised as internal emails, whereby hackers use a spoofed company account to bully people like Larry into wiring money to the wrong account. In some cases, the hacker might just leave a malware attachment, hoping that Larry will download it.
Sure, after reading this, you’re probably wondering who’s dumb enough to fall for cheap tricks like these, but you’d be surprised by the statistics.
“It’ll be fine, they said. Just wire $100,000 to my other account, they said.”
In any case, you should always have clear-cut procedures for your finance team and train them to avoid clicking on links unless they’re sure it’s safe. Also, it doesn’t hurt to give Larry some slack if he’s taking a bit longer to verify your wire transfer requests.
Trisha from sales
Trisha may be your most promising sales representative, but she might be bringing in more than just potential customers.
She could be bringing in this guy.
Sales usually comes into contact with a wide variety of people, and this includes scammers plotting to take over your systems. So what may look like a sales opportunity for Trisha might actually be a cybercriminal interested in your company’s private information.
What’s more, if she works remotely, she could be connecting to free WiFi networks prevalent in hotels and cafes. Although this seems harmless, it actually allows even novice hackers to access your confidential information with a few simple tools.
Again, the best way to protect Trisha and your company is with regular security training. This involves meeting with employees once every few months and drilling into their brain that the internet is full of trolls and unsavory characters. For sales staff who work remotely, make sure they’re connected to Virtual Private Networks so that hackers don’t get to sneak a peek into your data.
Steve the COO
Like it or not, even Steve, your partner in crime, can inadvertently mess things up. With unrestricted access to company secrets, C-suite executives are highly prized targets. If someone guesses Steve’s passwords, it could mean the end of your company. And if he has a habit of posting just about anything that comes into his mind on social media, hacking into your company would take no time at all.
Based on the clients we’ve served over the years, it’s safe to say that passwords are probably the biggest points of failure for businesses. As such, make it mandatory for everyone, especially Steve, to enable multi-factor authentication features like fingerprint scans or SMS codes.
Apart from that, set strict guidelines on what employees can share, post, or tweet about your company. You should discourage workplace selfies; not only are they ridiculous, but the photo background could reveal sensitive information.
“Hey everyone, let’s take a selfie with our business forecasts!”
While these types of employees are the most likely targets, everyone can fall victim to cyberattacks. The only way you can ensure total protection is with security training and cutting-edge tools. Luckily, we can provide both. Call us today to minimize the chances of your employees screwing up!
