Firms Must Also Look Internally to Keep Their IT Systems Secure

While you might think your IT systems are safe and secure, think again. One of the greatest security threats comes from a firm's own staff.
 
Understandably, a lot of businesses focus their efforts on beefing up security to stop things like websites and databases being hacked. While external security threats obviously can't be ignored, there are many good reasons to pay attention to what's going on inside your organization as well.
 
Following are five ways your staff can wreck your IT systems and cost your business in lost productivity.
 
1. Bringing memory sticks to work. If you allow your staff to work from home for part of the week, or expect them to take work home in the evenings and weekends, it can open up a whole can of security worms for you as the employer.
 
Your employees might be happy to work from home, but the way they go about it could pose a threat to your IT systems. Despite all the Cloud-based platforms available, such as Dropbox, your employees could still bring in data and documents on their own memory sticks. It's very likely these devices will have been used for things other than work, and that's where things like viruses and malware can easily be transferred onto your hardware.
 
2. Forwarding "funny" e-mails. Whether you like it or not, your staff will get sent and then open humorous e-mails with attachments and pictures of cats, etc. Your employees won't know where these e-mails originated from, and if the content is something that amuses them or gets another emotional reaction, they're likely to send it on to colleagues within your organization as well as others on the outside.
 
The problem with these kinds of e-mails is they can contain all kinds of viruses and malware that can infect your hardware and result in lost productivity and data.
 
Irrespective of the size of your organization and the number of computer users you have, it's wise to have an IT policy for all staff to refer to when it comes to what they're allowed and aren't allowed to do.
 
3. Using unimaginative passwords. Your IT systems may also be prone to being hacked by external sources. In many cases, employees make it all too easy for data to be compromised by using simple passwords, such as the company name followed by 123 or simply "password123."
 
And it's not just unimaginative passwords that can lead to IT hacking issues. Because your staff will probably have dozens of passwords to remember in their personal and work lives, it's likely they won't bother changing them frequently, if at all. This is another area that should be covered by your company IT guidelines for staff.
 
4. Social engineering. Social engineering covers a wide range of underhanded tactics to try to get access to IT systems and databases. These could take the form of phishing e-mails, bogus security alerts triggered by malware, or even through social media.
 
There have been instances where IT staff members have tweeted about going away on vacation and having no computer access, which directly resulted in an increased number of hacking attempts at a particular organization. Most people have their job title and place of work in their Twitter bio, so it's not difficult for hackers to use the content of certain tweets to their advantage.
 
5. Taking data on a walkabout. You've probably heard tales of government officials and senior company employees leaving memory sticks and laptops on planes and trains when they're travelling on business.
 
Cloud-based solutions help to reduce the need for taking physical items out and about with passwords or other sensitive data on them, but don't eliminate the requirements completely.
 
There's very little you can do as an employer to combat employees being absentminded, but you can invest in secure Cloud storage, for example, which means things like memory sticks don't need to be carried from one place to another.
 
Conclusion
The potential of any of these five things causing havoc with your IT systems can be reduced through proactive employee education. Putting together a staff handbook on IT may take a bit of time initially, but it could save you a lot of money in the long run.
 
This article was originally published on Business Zone, our UK sister site.
 

You may like these other stories...

No field likes its buzzwords more than technology, and one of today's leading terms is "the cloud." But it's not just a matter of knowing what's fashionable. Accounting professionals who know how to use...
There is a growing trend of accountants moving away from traditional compliance work to more advisory work. Client demand is there, but it is up to the accountants to capitalize on that. What should accountants' roles be...
 Event Date: April 24, 2014 In this session Excel expert David Ringstrom, CPA introduces you to a powerful but underutilized macro feature in Excel. David will introduce the Macro Recorder, which transforms actions...

Upcoming CPE Webinars

Apr 22
Is everyone at your organization meeting your client service expectations? Let client service expert, Kristen Rampe, CPA help you establish a reputation of top-tier service in every facet of your firm during this one hour webinar.
Apr 24
In this session Excel expert David Ringstrom, CPA introduces you to a powerful but underutilized macro feature in Excel.
Apr 25
This material focuses on the principles of accounting for non-profit organizations' revenues. It will include discussions of revenue recognition for cash and non-cash contributions as well as other revenues commonly received by non-profit organizations.
Apr 30
During the second session of a four-part series on Individual Leadership, the focus will be on time management- a critical success factor for effective leadership. Each person has 24 hours of time to spend each day; the key is making wise investments and knowing what investments yield the greatest return.