You may be surprised to find out that the number one cause of IT downtime is your employees, not an external threat. All it takes is the slip of a finger to accidentally delete a system file causing an application to crash. And even the most careful person could click on some very cleverly disguised ransomware bait or spill a cup of coffee over their computer.
Most business owners don’t realise the true cost of downtime until it slaps them on the face. This, for most of us, is bigger than a kick in a teeth. You knew the risks, failed to prepare efficiently, so now have to pay the price. Not just a financial price, which in itself is incredibly painful, but the harder to measure company reputation and lack of employee confidence. Luckily, there are things you can do to reduce the likelihood of human error. We’ve made a list of a few straight forward points you can implement in your workplace.
Sufficient Cyber Security Training
Provide employees with the training and skills necessary to use systems and software the right way. Training is especially important when introducing new or updated systems to the workplace. Make sure every new employee undergoes cyber security training as part of their welcome week.
Document Operating Procedures
Create and document consistent operating procedures and ensure these procedures are accessible to employees. If it takes someone more than a few minutes to find what they’re looking for, they are more likely to try to perform that task from memory which increases the potential for human error.
Run regular tests and record incidents and ‘near misses’
Run regular tests to see how people react to unfamiliar emails and where they are storing their data. This will highlight any weaknesses within the workforce and suitable training or further protection can be implemented. Documenting incidents and near misses allow you to analyse trends, rectify vulnerabilities and thereby reduce the likelihood or impact of future incidents.
Although passwords such as your dogs name, date of birth or the good ol’ Password123 may be easy to memorise but can also be correctly guessed by someone else, or can easily be cracked by the brute-force attack. A common password is also a big risk factor, as you just don’t know who else it will be shared with. Furthermore, if one password is used by employees across multiple accounts, all the accounts risk being breached. Ensure when you are resetting employees passwords you don’t opt for a generic word, as this more often that not will never get changed, and the majority of your workforce share the same password. Also make sure employees are changing their passwords every 3 months.