5 Ways Employees can become a Human Firewall

June 27th, 2019
5 Ways Employees can become a Human Firewall

blog-img-5-ways-employees

By now we’ve all heard of a firewall. You may or may not know what it does, but odds are you’ve heard of it.

I realize just because one has heard of a Firewall doesn’t mean you’d know it’s a purpose.

A Firewall is a part of a computer system or network which is designed to block unauthorized access while permitting outward communication.

I assume you know what “Humans” are? Therefore, I won’t get into that.

Today I want to talk about how You can have your employees a human Firewall. You see when it comes to cybersecurity or network protection. You are only as strong as you’re the weakest link. You have to make sure everyone in your office is on the same page.

  1. Security Awareness Training:
    It starts with management. What procedures do you have in place to for your employees to know you’re serious about the protection of your network? Do you have cybersecurity, manual? Do you plan regular training? Have a Network security training segment in your regular company meetings.
    Start with getting real of what your employees know or don’t know about security. Then set a plan in place to educate, educate, educate on what can happen to the company if there was an attack and your network went down. Please don’t assume people know what to look for or do in case they receive something phishy.
  2. Network Security:
    Just like an office building or your house. You probably have locked on your doors? A security system, maybe?
    So why wouldn’t you have a security system for your office network? Examples: Deny or limit USB file storage access, enable enhanced password policies, set user screen timeouts, and restrict user access. If an employee goes to lunch or a meeting, when they walk away from their machine, they need to lock it. In Windows, it is as easy as pressing the Windows key + L. On an Apple Mac, pressing “Control+Shift+Eject.” This practice would be the equivalent to deadbolting the front door of your home. It acts as a deterrent to the bad guys as well as a line of defense. It may even be worth setting up a password lock on your Apple or Windows machine as well.
  3. Email:
    Almost everyone has email. If you have an account, odds are you’ve received spam, malware, viruses or even some sort of ransomware.
    If an offer is too good to be true, it probably is. If you get an email from an unknown source, do not click any of the links within it – and immediately report it to your IT department. If a window pops up while browsing a website, quickly close it. Using your judgment and trusting your gut is the ultimate defense when online. Always play it safe!

    Train your employees to look out for hooks! We call this “Phishing” because there’s usually a hook.
    Examples are “You’ve just won a contest with a large redeemable amount!” Emails from office personal that ask for things to be purchased right away. Emails from banks, IRS, Police agencies, family members, etc. Am I asking you to be paranoid? YES! It only takes a few minutes to verify. If it’s a person you know, pick up the phone and call them. If it’s from your bank, call them! If it’s your co-worker or your boss, reach out to them! Verify, verify, verify!

  4. Passwords:
    Let’s face it. We don’t have to remember phone numbers anymore. However, we do have to remember passwords and user names. So it would be easy for your employees to use the same user and or password for every account. Absolutely!
    Are your employees using the same password for different accounts? The answer, Probably “Yes.” Make it mandatory to use a Password Manager such as LastPass or some other Password Manager. Password Managers are great! A password manager is a software application that is used to store and manage the passwords that a user has for various online accounts and security features. Password managers store the passwords in an encrypted format and provide secure access to all the password information with the help of a master password. I love this tool! I log in at the beginning of my day. I go to a website I visit frequently. It fills in my login info, and there you go! At the end of the day. I log out. Simple!
  5. Communicate, Communicate, Communicate!
    If something doesn't seem right, have an open policy to talk about it. Encourage to go to their supervisor, IT professional if something’s off. Often employees are afraid to say something. Use the motto, “See something, say something!” For example, if another employee is on inappropriate websites, or if their machine has a weird error message or encryption on it. Say something! What a person can say or not say can end up costing or saving your company thousands of dollars, or close your doors for good.

***** Bonus Tip!

Make sure your anti-virus and patches are up to date! How do you do that? Well, I’m glad you asked!
Look into hiring a Manage IT Security Provider (MSP) like Fidelis Inc. An MSP is a must have for any company or business that has Humans in front of computers. What it does is monitors your network 24/7. Not only will it provide anti-virus, updates, and security patches. It will monitor the health of your entire network and well as providing IT support if you have a limited IT staff or no IT staff at all.

Ted-Headshot

Author: Ted Butler

For many businesses, complying with the GDPR’s specific data security and privacy requirements may sound daunting, but it doesn’t have to be. Our eBook Navigating the Data Privacy Labyrinth: A Guide to GDPR Compliance can simplify your compliance journey.GRAB YOUR FREE EBOOK HERE!