BLOG
BE MORE SECURE: Create A Security Culture Within Your Small Business and offer Cyber Training
According to management consultancy giant Accenture, there has been a 67% increase in security breaches between 2013 and 2019. A 2014 IBM survey helped put the finger on the main cause of those breaches: human error was a major contributing cause in 95% of all breaches. In light of this it is imperative for small business owners to offer the right training to staff to be more security-aware and to avoid the common pitfalls of human error. There are lots of training courses available online or in the physical classroom environment. However, the first step before choosing any programme is to identify issues and plan the training sessions for maximum effectiveness. Security training - cyber security training/IT security training - needs to be part of the organisational culture and should cater for the specific needs of small business owners.
Training needs to teach the end user to make the right decision in a security situation. For him/her there first needs to be awareness that they are in a situation where security is at stake. Inaction compromises security therefore it is important that the user knows which action to take e.g. reporting the action to the IT staff or the Manager. Other essential parts of training are: a complete understanding of the importance of security procedures and the ultimate requirement to avoid "pain" i.e. not to indulge in risky behaviour which could breach security. Timely interventions are important and everyone within the business must be security-aware even when sending or receiving emails or choosing passwords. Security awareness has to be an integral element of the company culture. In fact businesses must have a security culture. Concerns should be reported and discussed and there must be a general engagement with security issues.
Security awareness training per se can focus on the most common sources of threat in the small business. The internet and email use can cause a major risk to businesses. Staff should at all times be trained in best practice i.e. not to install malware, leak data, or give up credentials to phishing emails. Symantec, an industry leader in security, claims 23% of employees open phishing messages. Internet and email users should be taught the difference between cc and bcc fields and the meaning of the HTTPS encryption symbol on websites. Cloud security should be explained as well as the potential risks of removable media devices.
Password security is key and staff can be trained and encouraged to use password managers and two-factor authentication. Remote working, the new post-Covid work trend, is here to stay and brings along its all range of risks and threats as some people use public wi-fis in cafes or are not respecting security procedures at home. Working on the move needs to be equated with vigilance, respect of security measures and alertness on the user’s part. It is to be remembered that mobile devices can be sources of leaks and security breaches if they fall into the wrong hands. The use of social media networks/platforms, for example, needs to be carefully monitored for extra security so that the right messages are conveyed on those platforms.
Customisation also means using Microsoft tools which are already available, at no additional costs. With Dynamics 365 data, for example, sales staff can close more deals. Focus is on finding and building stronger relationships with prospects and customers/clients and improving staff productivity and performance. Deeper 360° insights are offered to the sales and marketing staff and data is analysed and contextualised for quicker and better decision-making.
WE ARE HERE TO HELP
The security culture aspired to by many small business owners is within reach. Intelligent staff training or cyber training is an essential requirement. Here at Associate Planet, a boutique IT and technology consultancy, we can help, support and train you in IT security and we totally understand small business owners. Call Richard on 07831 196534 or email info@associate-planet.com. We’ll gladly provide free consultation to help you decide on the right course of action.
Please do not hesitate to contact Richard and we'll gladly provide free consultation to help you decide on the right course of action.
Source Acknowledgements: The Cloud Consultancy
Richard M.Inst.D
Blog Archive:
Blog: Improve Cost-Efficiency And Productivity With A Tailored CRM Using Microsoft 365 - August 2021
Blog: Use Technology To Promote Well Being At Work - June 2021
Blog: Choose Ai In The Workplace For A Meteoric Boost In Company Productivity - May 2021
Blog: Cloud Computing - Make it easy to work from anywhere - April 2021
Blog: Should Micro Businesses Worry About Cyber Security - March 2021
Blog: Flexible Working - The Future of Work - January 2021
Blog: Parental Controls - December 2020
Blog: Video Conferencing Etiquette - November 2020
Blog: Flexible Working - October 2020
Blog: Dont Be Alone - May 2020
Blog: Is your IT behaving itself? - May 2019
Blog: Lets do it - The Integrated Business - May 2018
Blog: Technology-What can we do to help ourselves - December 2017
Blog: Let's Simplify Technology - November 2017
Blog: Marketing and the SME - March 2017
Blog: Stay Safe - January 2017
Blog: The Year - December 2016
Blog: Marketing - September 2016
Blog: Digital Marketing - August 2016
Blog: Integrated Technology - June 2016
Blog: Cyber Security - March 2016
Blog: Introduction - March 2016
|
|