How to Train Your Employees in Security

It seems these days data security breaches are more common than not. It’s important for your company and your employees to be aware of the possibility of a potential breach and to be prepared in advance to effectively manage it.

On February 4, 2015 Anthem Insurance announced they were a victim of a cyber attack which resulted in the theft of tens of millions of records. The information was that of current and past consumers as well as staff members.

What did Anthem have to say about what the hackers took during the security breach? “They obtained personal information from [its] current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.”

Below are five tips to make sure your team is trained on how to manage their PCs and PC usage in order to prevent a data breach.

1. Initiate Regular and Routine Training. Add this to your to do list and consider doing it as frequently as monthly. By identifying which employees may need extra security training, you can get ahead of potential issues by going over important dos and don’ts.
2. Use Employees to Test Security. Put together a test team of employees to see how quickly they are able to crack codes such as passwords and where important document information is located within your systems. You could use the www.dbschecks.org.uk to check the candidate’s previous records and behavior.
3. Educate Employees on the Important of Home Computer Security. If employees are being safe and smart with their own computers outside of the office, chances are they will want to do the same at work. They will see the importance of protecting both systems. Enlighten them on the importance of both.
4. Introduce and Implement Consequences. If you decide to do so, think of it as a “strike three, you’re out” system. Should an employee do something that goes against your safe security practices, give them a warning. If they reach a determined “at risk” point, revoke their access to computer systems and have them go through training again to regain some privileges.
5. Keep in Mind, Training Can Only Go So Far. There will always be things that happen which are out of your control. Security breaches as a result of phishing or malware schemes will come without warnings. Take precautionary protection measures and educate yourself and your team on how to prevent these threats by being cautious concerning the websites they visit and the emails they open.