In our post-pandemic world, more and more individuals are splitting their time between the corporate office and their home office or working remotely full-time. This shift is blurring the lines between professional and personal cyber hygiene and privacy, which can pose a significant risk to organizations.
At Devo, ensuring our employees are aware of security and privacy best practices is a top priority, so we aim to inspire our non-security-focused employees to follow those best practices in their professional and personal lives. It’s also why we’re a 2023 Data Privacy Week Champion.
Here are six tips we share with our staff that you can educate your organization’s employees about, too:
- Update systems: Tell employees that if they receive an update notification from their mobile device — whether that’s a laptop, cell phone, tablet, e-reader, smartwatch, or gaming console — don’t ignore it! Those updates are typically for one of two things:
- A security update, which means the owner of the app or device found a bug they’re pushing a fix for, or
- An operating flaw that could result in degraded device performance.
- Turn on MFA: If you still haven’t encouraged employees to set up multi-factor authentication (MFA) on all their accounts, it’s time to do it. MFA may seem like a speed bump to employees, but it is indispensable for upping your security game. Not only should it be mandated for any corporate accounts, but it should also be highly encouraged for personal accounts. Walk employees through setting it up to prevent them from becoming overwhelmed. Here’s a quick and dirty guide that you can copy and paste into your next company-wide update:
- Click on the settings within your apps.
- Under the security and privacy section, there should be an option to select ‘account info’ or ‘login settings.’ You can enable MFA here.
- If not, go to the HELP section and ask your question there.
- Change your router settings: Tell employees to ensure their router is password protected. If it’s not, then anyone nearby can access their network. That should send shivers down their spine. That means a bad actor could sniff their traffic to intercept private information. Routers come with the default settings from service providers (e.g., Verizon, Xfinity, AT&T, Cox, etc.). Chances are that most employees never thought about changing them. Be the hero that reminds employees what a critical security measure this is for the company and their privacy.
- Set up guest networks: Non-security employees likely won’t establish a guest wireless network in their homes without being prompted. But it would behoove them to do so instead of providing their wireless credentials to anyone who needs them. This enables employees to prevent anyone from seeing their shared folders, printers, and storage devices. Most wireless routers have this feature, and it’s accessible via the device settings — they just need to set up a separate guest SSID and WiFi password. Security teams, you can help your colleagues realize that security measures like this aren’t always complex, nor do they require highly technical skills.
- Turn on encryption: Educate your colleagues on what encryption is and why it should be enabled on their WiFi networks. Tell them: When you enable encryption, it encrypts any data sent between your wireless equipment and your device. It’s a method that converts information — texts, photos, files, app data, and more — into a secret code that prevents an unauthorized person or device from being able to decipher it. This option is also available in most router settings.
- Turn on the router firewall: Most employees are likely unaware that router firewalls are off by default. Tell them they can activate it in their router settings (most likely under the advanced settings section). If it impacts their internet speed, they can have the power to turn it off and on during high-performance tasks.
Often, non-security employees view security teams as stringent rule followers who love to say “no.” But when we take opportunities like Data Privacy Week to show colleagues that we’re only looking out for what’s best for everyone’s online safety, we can form important alliances across the organization to keep everyone safe and secure.