October is Cyber Security Month and a great opportunity for organizational leaders to educate the company on, promote implementation of and demonstrate their commitment to computer security. I can tell you from experience, this is an incredibly important topic for all organizations in the 21st century. Here are some ideas on how you can, in October or anytime, help promote best practices in information technology security.
Most serious data theft incidents are executed not by criminals with excellent programming skills, but by individuals convincing employees to offer up their passwords or by finding account information in the trash, on post-it notes or through similar, “low-tech” means. This is typically attributed to poor awareness of those employees. Believe it or not, comments like, “I never knew I should not keep my login and password on a post-it note attached to my laptop” are quite common. Here are some ideas for leaders to help educate their employees:
1. Posters: Eye-catching posters alerting employees to basic security practices can quickly communicate best practices to the team.
2. Flyers: Leave flyers at each employee’s desk reminding them of concepts like strong password tips, when to update anti-virus packages or other tips.
3. Login Prompts: You can have your IT department post reminders about security when each person logs into their PC. This is a good, constant reminder.
Promotion of important security practices is a great way to leverage Cyber Security month. Here are some ideas for leaders to directly promote IT security best practices.
1. Announce: Send out an announcement to the company. Include in this a list of the team members responsible for computer security and how much you appreciate their efforts. Ask those members to provide you with statistics on the number of threats blocked in the last year – their answers may surprise you.
2. Fair: My current employer does a great job of this – though it usually requires larger organizational resources. Try hosting a computer security fair. This includes bringing in security vendors to set up stands and discuss common issues with your employees.
3. Example: Chances are, you’ve experienced a computer security incident in your past. Whether it was a simple virus or a major breach at a previous employer. Share these examples and what you learned with your team. This real-world experience will help drive the point home and make the matter more real.
Of course, as the leader, it is important that you lead by example. Here are some basic ways to ensure you’re not caught executing poor computer security practices:
1. Ctrl+Alt+Del: Lock your PC every time you step away. Leaving yourself logged on to a computer not in your sight, is like walking away from a safe holding all your corporate secrets with the door wide open. Lock it up every time.
2. Update: Make sure your software is up to date – especially your anti-virus application. Software updates often include security improvements to new and increasing threats. Software updates help you close these vulnerabilities.
3. Backup: While not directly a security concern, it sure would be embarrassing if your PC is ruined by a virus or other incident and you lose important information. As the leader, you should be sure you are treating the company assets you hold on your computer as the valuable items they are.
If you’re not familiar with these IT security issues or other computer safety trends, take this opportunity to speak with the IT leader in your organization accountable for security. Then, take the opportunity to educate, promote and demonstrate the important of IT security in the company. Believe me, this small investment in computer security is well worth it!
Question: What other tips do you have for promoting computer security awareness in organizations?