Hello, this is David Quick, from Total Cover IT®. And today, we are going to talk about one of the greatest threats to the security of your computer network. What do you think that is? It’s your employees!
Employees, well-meaning employees going about their day-to-day work. They’re so busy. They just want to get work done. But they may not notice that phishing email that came in, and they go ahead and open the malware attachment, which goes ahead and loads on their system, and then proceeds to be loaded on every computer on the network. Or an employee manual browsing the web, and this may be for work leading to tip activity, or it may not, and they may go to a malware laden website, and that malware gets loaded onto the system, and that goes on to get loaded onto all the computers on the network.
So how do we deal with employees? First off, what you need to do is institute an Acceptable Use Policy. This is a set of rules that govern how company computer resources are used. This would include computers, as well as mobile devices that touch the network. It would include your email, how email is used, what may be included, what may not be included. There are other aspects as well. But this gives you a general idea. So that’s step one.
Step two is to implement some restrictions on what employees can do on the computer. You don’t want employees installing software on a whim, because that allows them to install viruses, inadvertently, of course. Also, implement a system that restricts what websites they can go to. So restricting computer activity. That’s step two.
For step three, what we need to do is implement what is called user awareness training. User awareness training is where you send employees fake phishing emails, not so much to trick them, but to teach them. To teach them to be more aware of what to do when the real thing comes through. And this needs to be done on a continual basis, not just a one-off type of situation. So that you are continually teaching the employees and they’re learning and they’re maintaining awareness and building awareness. So that even if they are busy, they will still notice that phishing email that came in and recognize it for what it is. So, if you follow these steps, you will go a long way towards better securing your computer network.
If you have any questions on any of this, feel free to reach out to me. I’m David Quick from Total Cover IT® where “Our I is on your T®”. Thanks for watching.
