WHAT IS NIST? THE COMPLETE GUIDE TO THE NIST CYBERSECURITY FRAMEWORK
Explore this comprehensive guide on how the NIST Cybersecurity Framework can be applied to your organization.
8 Computer Security Training Tips for Secure File Sharing
In September, Equifax, a top consumer credit reporting company, was hacked, compromising sensitive personal information like social security numbers, birthdates, licenses numbers for 143 million Americans. If you weren’t already worried about cyber security threats, this breach should definitely concern you.
Keeping your data safe is crucial, both for protecting your clients and preserving your company’s reputation. And, one of the biggest threats to data security is the way files are transferred. Ensuring your employees are securely and properly transferring files is not just a good idea anymore – it’s a necessity. In fact, 32% of companies say that they fell victim to cybercrime last year.
IT directors and operation managers face the challenges of establishing file sharing standards across their company and continuously training employees to ensure these standards are being followed.
Explore some essential computer security training tips for employees to ensure your data remains protected, and find out how implementing these standards help you ward off the biggest threats to your file transfer security.
1. Keep Your Passwords Complex
Passwords are one of the greatest vulnerabilities in your cybersecurity protections. You need a strong password to protect access to your information. The days using “password123” as your password are over. Even hackers with the most rudimentary tools can crack these simple passwords. You need a complex password to keep your information secure.
Consider including some of these password features that make it difficult for hackers to crack them:
- A string of numbers that are unrelated
- Upper and lowercase letters
- Eight characters minimum
- Words that aren’t in the dictionary
Another common mistake people regarding passwords is using the same one for multiple sites. If a hacker is able to guess this password, they’ll now have access to all of your sites, making it impossible to keep your information safe. Make sure you’re assigning unique passwords to all of the sites and accounts your employee’s access. Or, in the least, offer training to your employees as to why it’s so critical to use strong passwords.
2. Update Your Passwords
The battle to keep passwords safe occurs on two fronts: having complex passwords and updating those passwords regularly. Once your passwords are assigned, you need ensure that they’re updated every 90 days.
Some cyber criminals can have access to your network for a while before they’re detected. In fact, the median number of days a hacker resides in a network before they’re detected is 140 days – almost 5 months. However, frequently changing your passwords makes it harder for hackers to access your accounts. Remain vigilant when it comes to your passwords, and you’ll be able to deter even the most advanced hackers.
3. Stop Sending Files via Email
Another computer security training tip for employees is to avoid sending files via email. Unfortunately, when you send files via email, you have no way to protect them from upload to download by another party. Emails don’t offer an adequate level of security, making it easy for a hacker to intercept the information in transit.
Even if your file does arrive to its destination safely, that doesn’t ensure that it remains secure forever. When you send a file via email, four copies of that file are created – the one in your outbox, one in the sending mail server, one in the receiving mail server, and the copy that arrives in the inbox of the recipient. So, there are four copies vulnerable to hackers.
4. Use a Secure Connection
When you don’t use a secure connection, you’re working in a space that isn't encrypted. This means your data is vulnerable to even inexperienced hackers. It’s essential that you and your employees work using a secure connection. Usually in a corporate work environment, this isn’t an issue, since many companies understand the risk of internet connections that aren't encrypted.
The problem, however, rises when people work from a location other than their office. With the rise in remote work environments, the risk of working on public connections or connections that aren’t secure is increasing, as well. Whether you or your employees are working from home or the coffee shop down the street, make sure to follow this employee training tip and only use secure connections.
5. Avoid USBs When Possible
While you may feel like using USB devices to transfer files is a secure alternative to emailing information, these devices pose risks of their own. It’s so easy to lose a USB device. Think about how many USB devices you’ve seen lying around, forgotten and vulnerable to being taken by anyone. When you do lose one of these devices, you have no idea whose hands the information will fall into.
6. Hover Over Links Before Clicking
Hackers are getting smarter and more cunning each day. In fact, they’ve even become experts in creating fraudulent sites and in creating email messages that look legitimate. A site or email might be designed to look like your bank or another reputable company, enticing you to enter sensitive information or click a link that installs a virus. Although the content may look legitimate, there’s a chance that it’s a fraudulent site, providing hackers an opportunity to steal your information.
One way to avoid visiting fraudulent sites is by hovering over links before you click on them. If the URL looks suspicious, don’t click on it.
7. Be Cautious About BYOD
In the same way that remote work environments are becoming more and more common, bringing your own device to work is a common cybersecurity threat, as well. Admittedly, there are a number of benefits of BYOD like decreasing the learning curve around using technology and providing access to work from anywhere. However, whether it's one’s own laptop, tablet, or phone, these devices are just another channel for a hacker to threaten your file transfers.
When employees strictly stick to their corporate computers or phones, it’s much easier for their employer to facilitate and control secure file transfers. However, when you’re accessing your email from your tablet at home, it’s harder to prevent hackers from accessing information.
8. Use a Secure File Sharing Solution
The average cost of a data breach for companies is $3.8 million. That’s a lot of money that you can’t afford to lose. The only way to truly keep your data safe is by using a secure files sharing solution to facilitate transfers. When you engage a managed FTP solution, the responsibility of keeping your data secure is handled by the company you’ve partnered with. And, they’re experts in data protection.
Having a secure file sharing solution not only gives you peace of mind about data security, it also protects your reputation in the process. In addition to adopting these computer security training tips for employees, you need to consider the program you use to facilitate your secure file transfers. Adopting the right solution could mean the difference between a great reputation and the loss of business.
Ensure that everyone in your organization is aware of potential cyber security threats, and that they’re adhering to these computer security training tips for employees. When you do, you’ll have great control over file transfers and you’ll mitigate the risk of a breach.
Learn more about promoting data security at your company with this free training guide.
About Martin Horan
Founder of FTP Today and an expert in secure file transfer and Internet protocols. A software and IT geek since a young age, Martin has successfully led his companies through the digital age by spotting market niches and filling them with quality IT services.