Email is the most obvious way and the biggest target for cyber criminals to get through your IT front door.
A recent survey found that 55% of organisations had a security incident or data breach due to a malicious or negligent employee. So it’s vital that your employees are aware of the importance of their role in keeping company data safe and secure. One way is to promote a security culture in your organisation.
There are also some simple tips that you and your employees can take to keep your email safe:
- Email verification systems. Domain-based Message Authentication, Reporting and Conformance (DMARC) enables servers validate incoming mail location.
- DMARC/SPF records and outgoing messages signed with DKIM helps prevent the sending of fake emails that appear to come from your company.
- Use separate administrative accounts and monitor access.
- Monitor and measure your security protocols.
- Enforce monthly email password changes and encourage them not to use the same one anywhere else.
- Frequent data security and cybersecurity best practices training programmes for all employees.
- Restrict access to all removable storage such as USB devices and smart phones.
- Update browsers, Java and operating systems as soon as they are available.
- Appoint a CSO or at a minimum, ensure everybody in the company knows who, at senior management level, is responsible for data security.
The cost of a data breach is high. Forrester Research found that the downtime average cost per hour for medium businesses was almost $350,000. Downtime costs you revenue and reputational damage as well as customers. It also means you’re paying employees who can’t perform their jobs properly.
You could even reward employees to report anything unusual such as a fake email or phishing attempt, or have a fun newsletter or intranet page showing the latest scams and tips on how to avoid them.
Ongoing education and monitoring will help employees understand the full consequences of a data breach and they are more likely to do their best to prevent it. And of course, make sure you have plans and teams in place ready to respond should a breach occur.