Employees Need Regular Reminders About Security Policies

By Don Reisinger  |  Posted 2009-10-29 Print this article Print

5. Remember Web security

Employees should be told that surfing to unknown sites is a significant breach in security. Too often, employees travel to sites they may never have heard of, only to find that malicious files have been downloaded onto their computers. Companies should make it clear to employees that they should only travel to trusted sources that are required for business activities while in the office. Accessing any other site could wreak havoc on the corporate network.

6. Password security

Although simple passwords might be easier to remember, for employees to use "1-2-3-4" as a password to gain access to a corporate computer is unacceptable. Employees need to be taught how to create a secure password. It should be alphanumeric and include at least one symbol and uppercase letters. The easier the password is to break, the sooner someone will be able to hack into the corporate network. Password security on all computers is extremely important.

7. Keep locks on computers

Since so many employees are going mobile these days, ensuring that no one steals a laptop is becoming an even greater concern. Companies should provide employees with laptop locks. They should also teach those employees how to use those locks. It's important to remind them that locking a laptop to an immovable object is step one.

8. Use encryption software

Thanks to Windows 7, users will now be able to encrypt files on an external hard drive or USB key with BitLocker To Go. It's a great solution. But it only works if employees know how to use it. Companies should do their best to explain the importance of encryption to employees. They then need to teach employees how to use encryption tools like BitLocker to ensure that the contents won't be easily accessed when portable data is misplaced.

9. Educate workers about corporate security policies

It's important for employees to know not only that there is a corporate security policy in place, but that there are rules that they need to follow. They should also be aware that if they break those rules, there will be consequences. When they know that there are ramifications, they may be less inclined to engage in dangerous behavior. The security policy is the first line of defense against malware. It can't be taken lightly.

10. The threats are real

It might sound simplistic, but employees can't be expected to engage in fully secure behavior until they understand the ramifications of security issues. They need to know that if a hacker breaks into a corporate network, it could ruin the entire organization. It could also put their jobs in jeopardy. Network security is a dangerous game. And until employees are taught that, they might not take security policies too seriously.

Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel