The Five Most Common Security Mistakes At Work

Remote working is becoming more and more common, not just due to the COVID-19 pandemic but also more flexible schedules and working conditions that better adapt to people’s lives outside of their job.
 
Although remote working comes with a lot of benefits, the cyber security risks also increase greatly, due to the employees being away from the normally very safe online spaces within offices. Working from home means people’s devices and WiFi networks can be easily accessed, and sensitive information can be pirated.
 
These are the five of the most common work security mistakes so you can spot them before they happen.
 
1. Weak Passwords
Passwords are the most common and most effective way to secure your devices but it’s easy to get complacent about them. A strong password will require upper and lower case characters, numbers and special characters. They should also not be specifically related to anything in a person’s life that can be easily deciphered, for example their birthday or their pets name.
 
With many different accounts employees must use sometimes, it’s not uncommon for them to use the same password every time or choose to use a weak password, which can greatly compromise the sensitive information for your business. If your employees struggle to remember passwords, have them use a password manager. It’s also very important passwords aren’t saved onto a personal browser’s history, we’ll explore this problem further along the article.
 
2. Taking Security Workarounds
Company security policies can prove to be burdensome at times, they can be complex and sometimes downright annoying. It’s not uncommon for employees to use workarounds to bypass security protocols and therefore save time and be more effective. Whilst this is a well intentioned trick, it can lead to a huge amount of security risks. Hackers will normally look at saved passwords in a person’s browser, as well as their autofill option, It’s the easiest way for them to find out the information they need without much effort so it’s crucial that employees follow safety protocols such as these and make sure they’re staying safe!
 
3. Sharing Devices With Friends & Family
In a work from home setting it’s normal to see employees using the same devices their family members or friends use. Whilst sometimes this is simply inevitable, it can be problematic. People may be unaware of certain security risks and may click on suspicious links or download files received from unknown email accounts. This is the main way hackers access devices and it can be an honest mistake that can cost a lot. If your employees are able to, they should not be sharing devices with anybody else. If this is a major concern for you and your enterprise, consider providing work laptops for your employees so they can continue sharing their personal ones.
 
4. Hitting 'Remind Me Tomorrow' On Software Updates
Yes, that pesky button that keeps appearing every once in a while on your top right corner on your screen. Most people find these updates to be annoying and sometimes plainly unnecessary, but software updates do serve their purpose. The most updated machines are often the safest ones as they’ve updated all the services you use, including web browsing and firewalls as well as other anti-virus equipment. Encourage your employees to keep their machines updated as it’s a very simple step that can be incredibly helpful when fighting off cyber-attacks.
 
5. Be Mindful Of How much Access You Give Contractors
If you work with external vendors and contractors, be mindful of how much access you give them into your IT systems. It’s important to follow the principles of limited access, meaning giving them only the access to the part of the system they strictly need to fulfil their jobs. This is good practice and avoids ill-intentioned people from picking up information from you that you may not even realise has been stolen. 
 
Summary
Overall, cyber security is more important now than ever, so it’s essential to maintain good practices when you’re in and out of your office, keep your business and your employees safe from hackers.
 
Elizabeth Hines is a Technical writer who works at at Do My Assignment online service.       Image: Unsplash
 
You Might Also Read: 
 
Managing  A Remote Team To Protect Against Cyber Attacks:
 
 
« Biden Warns Putin The US Will React To Attacks
British Police Double Down On CyberAlarm »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

NISC was established as a secretariat of the Cybersecurity Strategy Headquarters in collaboration with the public and private sectors to create a "free, fair and secure cyberspace" in Japan.

Beachhead Solutions

Beachhead Solutions

Beachhead's SimplySecure is a configurable, web-based management tool allowing you to remotely secure vulnerable mobile devices in your organization.

Glasswall Solutions

Glasswall Solutions

Glasswall Solutions has developed a disruptive, innovative security technology which provides unique protection against document based cyber threats.

TUV Sud

TUV Sud

TÜV SÜD is one of the world's leading technical service organisations. Services offered include industrial cyber security.

Galvanize

Galvanize

Galvanize is a leading provider of award-winning, cloud-based security, risk management, compliance, and audit software for some of the world’s largest organizations.

Vysk Communications

Vysk Communications

Vysk is an award-winning mobile security firm that has developed the world’s most secure system for voice communication.

MBL Technologies

MBL Technologies

MBL Technologies specializes in information assurance, enterprise security, privacy, and program/project management.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Zerocopter

Zerocopter

Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.

Cyversity

Cyversity

Cyversity's mission (formerly ICMCP) is the consistent representation of women and underrepresented minorities in the cybersecurity industry.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

M2MD Technologies

M2MD Technologies

M2MD Technologies offers solutions optimized for cellular IoT that provide stronger security, reduced costs, enhanced user experience, and ultimately generates higher returns for stakeholders.

Hunter Strategy

Hunter Strategy

Hunter Strategy focuses on delivering solutions that are concise, scalable, and target our customer’s complex technical challenges.

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators provides services and information about financial fraud, fraud investigation and fraud prevention.

Cybertech Nepal

Cybertech Nepal

Cybertech Nepal is committed to provide high-quality cyber security solutions, including server assessment and hardening, forensics and malware analysis, end-point threat analysis, and VAPT.

Forward Global

Forward Global

Forward Global designs and delivers services and technologies to manage digital, economic, and information risks.