Many security incidents or even breaches are not caused by sophisticated, malicious hackers but by innocent oversight, carelessness, or lack of understanding of security processes and company policies. Ultimately, the worst IT security incident to deal with is the one you know could easily have been prevented.
I am optimistic enough about people to not expect my car to be broken into while I am in church. But I still lock my doors when I park at church – even right next to the building. Why? Because it’s a habit that would not be wise to break. Walking away from my car and pressing the lock button on my key fob is something I do without even thinking. Inevitably, the one time I neglect to do so would, of course, be the one time someone is roaming around with bad intentions.
Reduce Risk with Continuous Security Awareness Training
Teaching employees to lock their computer when they walk away is the same. It’s just a good idea. Locking the computer should be as basic as not writing down passwords or not taping login details to the bottom of the keyboard. It should become a mindless habit. You may even want to set a company policy that stipulates that computers are to be locked any time an employee walks away for any reason or any anticipated length of time. Even with a policy in place, it is important to explain the reasons and provide reminders often.
All of your security policies require some level of training and regular reminders. Many organizations are actually required by federal and state regulations to provide such training. The HIPAA Privacy and Security Rules, for example, require formal training to take place and for ongoing updates and security awareness for all employees to ensure the protected health information (PHI) held by the company remains secure.
Even if employee security awareness training is not required of your company by law, it is only fair to employees that you let them know what is expected with clear policies and then train them to follow the policies for their own security and protection, while reducing the overall risk to the organization.
Security Tip: Lock Your Computer
Ensure that your employees understand your policies and that security stays on their minds and good practices become habits within your organization. Our security tips can help you satisfy regulatory mandates for ongoing security training more effectively than costly, time-consuming, boring training sessions. Stay up to date with security and compliance with our resources!