#Article
Every Employee Should Have Basic Computer Security Training
When news broke regarding “Operation Shady RAT”, it proved once again that everyone is at risk for cyber attacks. As hackers continue to develop more sophisticated methods to break into systems, human error makes it even easier. Even the most basic computer security training can make a difference when it comes to protecting your company from hackers.
Inefficient cybersecurity investigations leave the door open for more incidents.
A streamlined approach to filing reports helps you start your investigation strong and resolve the incident sooner. Use our free cybersecurity incident report template to ensure consistent, speedy record-keeping.
Implement Employee Computer Security Training
If employees don't know the basics of computer security, they can put a system that isn't adequately protected, and even one that is, at great risk.
An article by Teresa Smith in the Ottawa Citizen reports on the damage caused by a lack in basic computer security know-how:
One of the biggest flaws in security networks, as exposed with revelations this week about a global wave of online espionage, is human error, they say, spurred by a lack of basic computer training for executives and high-ranking officials. As online scams and targeted espionage become more sophisticated, government and companies need to teach their employees how to protect themselves, said Ken Chase, owner of a Guelph, Ont.-based computer-security company. "Basic computer security knowledge is fairly lacking, so people can be taken advantage of fairly easily," said Chase.
RELATED: 11 Cybersecurity Threats (Plus 5 Solutions)
Some of the areas you’ll want to address when training your employees on basic computer security practices include:
- Email security- password protection, encryption, double checking intended recipients, making sure the correct attachment is being sent, not opening spammy looking or questionable emails, etc.
- Passwords- how to make a strong password, when passwords need to be changed and why you should never leave it on a sticky note on your desk, computer, notebook, etc.
- Anti-virus scans- why they are important and when they are done.
- Handling company information- how to keep private documents secure and how to properly dispose of documents when they are no longer needed.
- Consequences for failing to take security matters seriously and violating company policies.
Training programs need to be updated to reflect new security risks. Shorter, more frequent, training sessions allow you to keep security top of mind for employees and make it easier for them to digest information.
How the Canadian Federal Government Does It
The CBC News article, “Federal agency to trim IT costs,” by Laura Payton reports on a plan from the Canadian federal government to boost information security by streamlining and consolidating government networks:
Government departments currently run their own information technology programs, meaning there are 100 different email systems across the public service, 300 data centres and 3,000 overlapping and unco-ordinated networks…Combining the networks will make the government's system more secure, they said. The streamlining and consolidation mean fewer portals to defend and will make it easier to detect if someone gets into the system, a senior government official said in a briefing following the announcement.
The Canadian government hopes that these measures will increase security and ensure that sensitive information remains private. Hopefully this plan is accompanied by employee training!
RELATED: Phishing, Spoofing, and Whaling: Tips for Keeping Your Company Safe