The modern world is highly automated. Where companies’ data security systems are being updated and reinforced daily, IT security is a top priority.
But in this world of automation and data security, the biggest hole in any company’s IT infrastructure is its staff. Cybersecurity culture is something most employees just aren’t taught or interested in practicing.
And if there’s one fact that reinforces this point, it’s that:
95% of cybersecurity breaches are due to human error.
Bearing this in mind, here are our top tips you can give your staff to avoid the most common human errors that are bound to domino into data security disasters.
The practice of phishing is alive and well in South Africa, especially with COVID-19.
For a quick definition, phishing is when a scammer sends a recipient an email that’s designed to retrieve personal information. This is done by enticing the receiver to open a malware program, which appears as an attachment.
To mitigate this risk employees should be subjected to short training videos, educating them to pick up on the tell-tale signs of a phishing email, and that these emails can be dangerous. Good spam detecting software that limits employee contact with these emails is another automated system you can install.
Unauthorised Users Accessing Devices
While data security threats mostly come from online sources, it can also come from the real world.
Over the period of March – December 2019, Postbank lost R536 million in fraudulent transactions and had to replace 12 million cards. Employees printed and then stole the bank’s master key.
We can speculate that these staff members had access to a device with this information on it. All they needed to do was simply printed out the 36-digit code, or encryption key.
To limit this risk, make sure to watch when tablets and computers are being used and that all corporate devices have a two-factor authentication system on them.
With a million and one passwords to remember we can assume that most online users reuse passwords.
It’s this laziness that many hackers use in a technique called ‘credential stuffing’. Hackers find a single email password and use it to access multiple accounts. You can test your password’s strength by using this tool, and check if you’ve been pawned here.
To ensure that this lesson is carried over to your staff, it is a good idea to conduct a quick lesson on best practices and allow them access to trusted online tools.
What If A Human Error Data Security Breach Occurred Already?
Cyanre Digital Forensics Lab offers managed security services. Our trained experts can help minimise any breaches and can implement effective security protocols.
Just drop us a message and we’ll get in touch.