If a cyber criminal wants to break into your company's networks, there is no easier place to create a security breach than within your building. IT networks are generally well defended, but you might be just the person a hacker looks to for help. "Impossible," you say. "I would never do that." Maybe not intentionally, but you might not realize how much you're helping someone trying to get into your company's networks.
Don't assume hackers always come in with an elaborate scheme like posing as a phone/network technician— sometimes they're just con men who prey on others' helpful nature. And a security breach might not always come in the form of an intentional attack at all, but can instead be passed along through a non-threatening email, or USB stick.
So, what can the average employee do to help minimize the risk of cyber security breaches?
- Do lock and/or put your computer to sleep whenever you leave your desk. That will slow down anyone who might be looking for an opportunity to break through IT security on a workstation that is logged in and left alone.
- Don't let visitors wander unescorted. Many companies don't allow visitors into the back office, and that's generally a good practice. But even conference rooms can be vulnerable, so don't leave visitors unescorted if there are network cables available for people to plug into a laptop.
- Don't leave anybody that you do not know and trust near your desk when you aren't there, whether your computer is locked/asleep or not. Malware or a key-stroke logger can be installed in seconds when you aren't looking.
- Do be aware of your company's security plans and policies—a documented cyber security plan heightens office awareness of cyber security prevention. When everyone in the office understands the need for cyber security, breaches due to unintentional, or malicious acts can be prevented.
- Do make sure your anti-virus software is up to date. In today's era of swapping files between memory sticks, mobile devices and network drives, it's vital to make sure each machine and network node has the appropriate level of security. That means more than just your desktop PC.
Ultimately, no one employee can keep all the bad guys at bay, but you can take steps to make it more difficult for them to get to your network from the inside.