Top 5 Security Mistakes Your Employees Are Making Today

Even your most tech-savvy workers are probably making these five mistakes.

It’s time to talk about security.

As if your to-do list wasn’t long enough, you—as a business owner, someone who manages employees, or just the head intern—are at least partly responsible for encouraging those working under you to practice proper security hygiene. We realize this means less time to focus on your digital marketing chores, but safety always comes first.

We’ll even assume your employees are fairly tech-savvy. and know a phishing scam when they see one:

• Avoid “click here to reset your password” in emails
• Don’t open mysterious attachments
• Maintain a healthy distrust of princes in financial trouble.

Chances are, however, they’re still making all five of these mistakes:

1. Practicing Poor Password Hygiene

Almost all of us are guilty of using weak passwords for multiple accounts – sometimes for years on end. Most of us intuitively understand the risk involved here: One account gets compromised, they all get compromised. But so few of us do anything about it. If that’s you, then it’s time to get a password manager. All you have to do is remember one very long key phrase, and the password manager does the rest for you.

Other password missteps to avoid:

• Sharing them with others (especially over email).
• Writing them on sticky notes near your desk.
• Not using them.
• Not using multifactor authentication when you have the chance.

2. Insufficiently Protecting Their Personal Devices

We all do personal stuff on professional devices and professional stuff on personal devices from time to time.

And when that happens, employees’ personal device security becomes your problem. Are they password protecting those devices? Are they sure that those devices aren’t infected with a keylogger that’s tracking everything they type?

These are the types of questions you have to anticipate and figure out to address when you let employees work from personal devices.

3. Using Unsanctioned Apps

This is called shadow IT, and the idea is that employees use apps not provided by your IT department to do work stuff.

In some cases, this doesn’t matter at all. In others, it could mean that employees are storing or processing sensitive data on third-party apps without your knowledge.

4. Working on Free Public Wi-Fi

Network decoys, man-in-the-middle attacks and screen peeking have all been known to occur at cafés. That last one requires some vigilance, but the first two can be easily avoided by launching a virtual private network when using public Wi-Fi, or by avoiding these public connections altogether.

5. Not Backing Things Up

This is probably the most common mistake employees make.

If a program quits unexpectedly, your employee accidentally deletes a file, there’s a malware outbreak, your data center has an outage, etc. – are you confident everything your team has been working on is sufficiently backed up?

Double-check, because there’s nothing worse than seeing the fruits of your time and effort vanish in an instant.