Computer Security Tips for the Workplace | University of Delaware Online

Computer Security Tips for the Workplace

Think about the workplaces of the past: We kept phone numbers in Rolodexes; took calls at our desk; wrote notes on paper; sent and received correspondence in the mail. When we took work home, we did it in file folders – which we brought back to the building the next day.

Career Spotlight Cybersecurity Manager

Now, think about workplaces today: We work anywhere – home, coffee shops, on the go – and can send and receive calls, email and documents on smartphones, tablets and laptops. Our contact lists live in our phones and include email addresses and social media data; we share files in cloud-based services like Dropbox and Google Drive – which sends all that company information outside the office.

As workplaces evolve and technology advances at a quicker rate, it’s vital that we understand how to combat cyber threats that have become so prominent in recent years. Here are some tips on how you can help protect your company from cyberattacks.

Create a Culture of Computer Security

Before you put guidelines in place, you must create a culture of computer security for your employees, including top-level executives. Your team needs to understand the many ways your company can fall victim to cyber threats, whether through carelessness, hacking or internal sabotage. Getting your workers invested in protecting digital assets within your network is the first step toward cybersecurity in the workplace.

  • Raise awareness: Be your employees’ best educator about cybersecurity. Make sure they understand the possible consequences of inadequate password protection, successful phishing attempts and outright data theft.
  • Do it in steps: “Focus on specific incremental goals rather than trying to be all-encompassing and attempting to achieve too much too fast,” writes Fran Howarth for Security Intelligence. “Identify the behaviors the organization wants to promote and align this to business results so that employees can understand the value security has in protecting the overall organization.”
  • Make the issue personal: Present computer and internet security to your employees in ways relevant to them. If you are a retail company, give examples of how other retail companies were compromised and what the fallout was – for instance, how much customer account information was lost and what that will cost, not only in individual privacy, but also to the company.

Tips for Workplace Computer Security

Your IT department and cybersecurity efforts are only as strong as your weakest link – i.e. that person who uses the word “password” as their password, a worker who doesn’t recognize a phishing attempt and inadvertently gives out company information, or an associate who downloads a file he or she believes is safe only to find that there was malware involved. So, how can employees work to safeguard valuable assets from cyberattack?

  • Create good passwords: Passwords must be complex, a combination of uppercase and lowercase letters, numbers, and symbols. Change them regularly – the Department of Homeland Security (DHS) recommends every 45 to 90 days.
  • Follow software rules: Workers must know whether they can download and install software or files on their computers, or whether IT must be involved.
  • Know email guidelines: Emphasize that employees need to be aware of suspicious links in email, even when they believe the email is from a trusted source.
  • Understand “the Cloud”: Make sure employees know that anything they put in a cloud-based file-sharing system is vulnerable to cloud hacks. “Proponents say online file-sharing services are effective tools for boosting efficiency and even encouraging innovation,” writes the Wall Street Journal. “But others are worried that a growing volume of sensitive corporate information is floating in the cloud without the knowledge or protection of companies’ IT departments. There are too many ways, these critics say, for outsiders to get their hands on that information, by accident or design.”
  • Use only approved Wi-Fi: Employees need to know that not all “free” Wi-Fi is safe. They should never connect to a computer-to-computer or peer-to-peer network, for example. Business travelers who connect to a seemingly safe network in an airport can unknowingly download a computer virus, then transfer that virus when they reconnect to their company’s network.

How Can Cybersecurity Professionals Help?

Cybersecurity experts need to be the first line of defense against cyberattacks. These professionals should come on board with a high level of expertise and be given continuing education as threats to secured networks evolve. Cybersecurity experts should:

  • Establish policies: Employees need to know the protocol of password creation, file-sharing, downloads, flash drives and using Wi-Fi outside the company.
  • Determine any limits on internet browsing: Some companies are choosing to ban their employees from visiting social media sites on workplace computers, partially due to productivity concerns but also due to cybersecurity fears. “Many companies block access to a variety of websites for security and liability issues,” writes the Houston Chronicle. “Sites known to distribute malware or sites with content deemed inappropriate for the workplace are commonly blocked by firewalls or routers at the point of network access.”
  • Implement security measures: DHS recommends what it calls Technical Defenses – i.e., firewalls, intrusion detection systems and internet content filtering. It also recommends monitoring, logging and analyzing any attempted or successful intrusion to your system.
  • Update anti-virus software: Anti-virus software should be updated frequently, as a matter of routine, on every computer in the company. “Cybercriminals are always looking for new forms of attack, and new ways of accessing your money and information,” says security software giant McAfee. “Consider that McAfee detected 100,000 new malware samples a day in the second quarter of this year alone.”
  • Be proactive: Download security patches for all the software your company uses. Install encryption software on any flash drives employees use. Determine policies regarding remote work. Review all cybersecurity procedures regularly to see if they need updating.

Learn More About Cybersecurity

If you are already in IT or computer engineering, consider increasing the level and sophistication of your education. A master’s degree in cybersecurity enhances your skills and your marketability, and can be earned online at the University of Delaware.

Learn more about the online Master of science in Cybersecurity program.

Bookmark and Share

[an error occurred while processing this directive]