So you’ve implemented a new IT based security system at your business; now what? How do you get your employees up-to-speed?
Step one: know that IT security awareness is not enough. You must properly educate employees on how to engage with security policies and equipment, and work with your IT department and vendors to ensure accurate instruction is provided.
Boost IT Security Engagement Policies and Knowledge
According to an IBM study, 95% of all security breaches somehow involve human error. If employees are uneducated and unengaged with IT security policies and procedures, they can compromise security via:
- Unauthorized Internet and email usage. Websites and emails may contain malicious viruses that could welcome fraudulent activity into your system.
- Unprotected devices (i.e. smartphones, tablets, laptops). Employees must keep devices that contain company information protected with passwords and/or passcodes, antivirus software and firewalls.
- Using pubic Wi-Fi or unsecured networks. Unprotected Wi-Fi can provide hackers access to corporate servers, information and data. Employees should always connect via a secure virtual private network (VPN).
Encourage employees to engage with IT security policies, procedures and precautions on a daily basis via extensive training and ongoing reinforcement.
Develop a Strategic Security Engagement Program
Work closely with your IT team and security vendor to develop a security engagement program tailored to your business’ needs and goals. When developing a training program, keep these best practices in mind:
- Customize training to employee, role and department. Provide employees with easy access to manuals, instructions or infographics/charts on how to use security equipment (i.e. surveillance cameras, access control, monitored alarms, etc.) that relates to their job function. Customize messaging and benefits of proper adherence based on individual or group.
- Provide employees with a main point of contact internally. With a clear reporting chain, maintenance issues and security breaches can be addressed more effectively. Encourage employees to build a relationship with these individuals so they are comfortable working with them should a problem arise.
- Use psychological strategies to increase engagement. Provide your employees with IT best practices for their own personal use too, such as using secure Wi-Fi and protecting devices with passcodes. Utilizing these security techniques in their personal lives can help them infuse good habits into their work lives as well.
- Set cyber safety standards. Share the importance of malware and antivirus software, and how often employees should update systems. Educate employees on red flags that may be compromising their systems/devices, such as an inability to upgrade software, so that they can monitor devices on a daily basis.
- Increase employee involvement with security threats. Force employees to think about the implications of security threats. Showcase metrics and deliverables that highlight the damages that could affect both business and individual job performance if a threat is executed.
How does your business effectively engage employees with business IT security? Share with us in the comments below.
Image Source: Jirka Matousek