The Five Most Common Security Mistakes At Work

Remote working is becoming more and more common, not just due to the COVID-19 pandemic but also more flexible schedules and working conditions that better adapt to people’s lives outside of their job.
 
Although remote working comes with a lot of benefits, the cyber security risks also increase greatly, due to the employees being away from the normally very safe online spaces within offices. Working from home means people’s devices and WiFi networks can be easily accessed, and sensitive information can be pirated.
 
These are the five of the most common work security mistakes so you can spot them before they happen.
 
1. Weak Passwords
Passwords are the most common and most effective way to secure your devices but it’s easy to get complacent about them. A strong password will require upper and lower case characters, numbers and special characters. They should also not be specifically related to anything in a person’s life that can be easily deciphered, for example their birthday or their pets name.
 
With many different accounts employees must use sometimes, it’s not uncommon for them to use the same password every time or choose to use a weak password, which can greatly compromise the sensitive information for your business. If your employees struggle to remember passwords, have them use a password manager. It’s also very important passwords aren’t saved onto a personal browser’s history, we’ll explore this problem further along the article.
 
2. Taking Security Workarounds
Company security policies can prove to be burdensome at times, they can be complex and sometimes downright annoying. It’s not uncommon for employees to use workarounds to bypass security protocols and therefore save time and be more effective. Whilst this is a well intentioned trick, it can lead to a huge amount of security risks. Hackers will normally look at saved passwords in a person’s browser, as well as their autofill option, It’s the easiest way for them to find out the information they need without much effort so it’s crucial that employees follow safety protocols such as these and make sure they’re staying safe!
 
3. Sharing Devices With Friends & Family
In a work from home setting it’s normal to see employees using the same devices their family members or friends use. Whilst sometimes this is simply inevitable, it can be problematic. People may be unaware of certain security risks and may click on suspicious links or download files received from unknown email accounts. This is the main way hackers access devices and it can be an honest mistake that can cost a lot. If your employees are able to, they should not be sharing devices with anybody else. If this is a major concern for you and your enterprise, consider providing work laptops for your employees so they can continue sharing their personal ones.
 
4. Hitting 'Remind Me Tomorrow' On Software Updates
Yes, that pesky button that keeps appearing every once in a while on your top right corner on your screen. Most people find these updates to be annoying and sometimes plainly unnecessary, but software updates do serve their purpose. The most updated machines are often the safest ones as they’ve updated all the services you use, including web browsing and firewalls as well as other anti-virus equipment. Encourage your employees to keep their machines updated as it’s a very simple step that can be incredibly helpful when fighting off cyber-attacks.
 
5. Be Mindful Of How much Access You Give Contractors
If you work with external vendors and contractors, be mindful of how much access you give them into your IT systems. It’s important to follow the principles of limited access, meaning giving them only the access to the part of the system they strictly need to fulfil their jobs. This is good practice and avoids ill-intentioned people from picking up information from you that you may not even realise has been stolen. 
 
Summary
Overall, cyber security is more important now than ever, so it’s essential to maintain good practices when you’re in and out of your office, keep your business and your employees safe from hackers.
 
Elizabeth Hines is a Technical writer who works at at Do My Assignment online service.       Image: Unsplash
 
You Might Also Read: 
 
Managing  A Remote Team To Protect Against Cyber Attacks:
 
 
« Biden Warns Putin The US Will React To Attacks
British Police Double Down On CyberAlarm »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

cPacket Networks

cPacket Networks

cPacket’s distributed intelligence enables network operators to proactively identify imminent issues before they negatively impact end-users.

NXO France

NXO France

NXO is an independent leader in the integration and management of digital workflows with services covering digital infrastructures, communications & collaboration, and security.

GraVoc

GraVoc

GraVoc is a technology-consulting firm committed to solving business problems for customers through the development, implementation, & support of technology-based solutions.

VietSunshine

VietSunshine

VietSunshine is a leading provider of network security infrastructure and solutions in Vietnam.

Paladin Capital Group

Paladin Capital Group

Paladin is a leading global investor that supports and grows the world’s most innovative cyber companies.

Africa ICS Cyber Security Conference

Africa ICS Cyber Security Conference

Africa's largest ICS Cyber Security Conference and Expo. The only platform that will proudly present top level B2B and B2C networking opportunities.

BrandShield

BrandShield

BrandShield is an anti-counterfeiting, anti-phishing and online brand protection solution.

Aristi Labs

Aristi Labs

Aristi Labs provides comprehensive security solutions to help businesses protect data and intellectual property, minimizing downtime and maximizing productivity.

CyberClan

CyberClan

CyberClan’s carefully selected team of experts is capable of solving complex cyber security challenges – keeping your data secure and your businesses running as usual.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

Scrut Automation

Scrut Automation

Scrut Automation's mission is to make compliance less painful and time consuming, so that businesses can focus on running their business.

Vaultinum

Vaultinum

Vaultinum are a trusted independent third party specialized in the protection and audit of digital assets.

Prescott

Prescott

Prescott acts as your guiding light in the preparation for your CMMC assessment and long after by governing your cybersecurity practice.

Omdia

Omdia

Omdia is a technology research and advisory group. Our deep knowledge of tech markets combined with our actionable insights empower organizations to make smart growth decisions.

AuditBoard

AuditBoard

AuditBoard is the leading cloud-based platform transforming audit, risk, ESG, and InfoSec management.

AUCloud

AUCloud

AUCloud is a leading Australian cyber security and secure cloud provider, specialising in supporting businesses and Governments with the latest cloud infrastructure.