W2 Issues/Concerns

  • This field is for validation purposes and should be left unchanged.

Blog

Check out our weekly blog posts and see the latest news and discussions happening in the HR world of business.

Cybercrime: Steps You Need To Take Now To Protect Your Company From Attack

Every now and again, a story will hit the headlines about a company that has been the victim of a cyber security breach and a little piece of us thinks “how could they be so careless?” However, as this article proves, when it comes to cybercrime, no company is truly immune to the problem, with heavy hitters including Target, Yahoo, and the Marriott hotel chain falling prey to these attacks (and that’s despite the presence of  big-time internal security set ups).

The key here is training your employees to be aware of the threats, to know how to thwart them, and to truly understand how to stop them. Below, we outline the key considerations for a comprehensive cyber security training program.

Raising awareness:
Before you can even train your employees in cyber security, you must first make them aware that there is a problem at all. Despite threats being fairly common place, surveys suggest that employees are blissfully unaware of how these breaches occur and their very important role in their prevention. With this in mind, it’s imperative that you teach workers that there is risk with every device that employees use and with every file, download, and email they open. However, you should also teach them that these breaches are almost always preventable with a little training and a hefty dose of common sense!

Start at the beginning…:
In order to be most effective, cyber security teaching should be a component of any onboarding program. At the start of their job, employees need to know what types of data within your company are protected, what information should never be shared, and most importantly, who to contact should they suspect a threat. At this time, you should let them know that they are responsible for the respect and protection of company data and this should be a component of the contract that they sign when they endorse their new employee handbook.

…But keep the momentum going:
If you’ve spent any time in the IT arena, you know that technology advances at the speed of light and cyber criminals are constantly thinking of new and innovative ways to dupe employees into giving up critical information. You’ll want to make cyber security training a regularly occurring event on the company calendar. In doing so, you can keep cyber security a front-of-mind topic, allow employees to brush up on their skills on a regular basis, reinforce company policies, and provide important updates on the latest and greatest scams facing business owners.

Phishing prevention:
One of the biggest and most dangerous scams for business owners is that of phishing scams. Teach employees what falsified emails look like, where they might come from (such as an email that is similar in nature to something you are familiar with, save for a few different letters or digits), and what kind of information the scammers typically try to procure. In general, a phishing email will ask employees to hand over usernames, passwords, personal information, or financial data components that would allow scammers to assume the employee’s identity and cause havoc.

Downloading don’ts:
A second big source of cybercrime comes in the form of downloads of malicious software. According to the pros, there are two main sources of bad software: Malware, which is any computer virus or other software that damages the functionality of a device, and the newer ransomware, which takes over the company’s website or other platforms and then extorts money to give you back what was already yours. To protect your employees and company, make employees aware that they are not allowed to install unauthorized software or even perceived software updates on any company device.

Password protection:
Train your employees on not only how to select a strong password from the beginning (including that they shouldn’t be generic or easily guessed) and then set up a system whereby employees have to periodically update their passwords for added privacy.  Remind them that passwords shouldn’t be written down (and especially not put on a post-it on their computer screen!) and shouldn’t be shared with others.

Policies and procedures:
As always, it all boils down to having good policies and procedures in place regarding employee use of email, internet and even various social media platforms. Specifically, your policy should outline what types of links employees are allowed to click on; what types of data can be shared, with whom, and under what circumstances; and what types of internet browsing and social media is allowed on company devices and using company email.

Reporting requirements:
As part of a comprehensive training program, employees should be taught not only what a cyber security risk looks like, but also how to respond to such a threat. During trainings, make it clear that employees should report all pop ups warning about malware or new software updates and even if their device is running slower or if things “just feel different” (such as the appearance of new icons or operating systems). In these cases, they should know who to contact – be it internally or externally – for further investigation and only proceed with updates or data sharing provided they have gotten confirmation from the chain of command and preferably through face-to-face verification!

Feel overwhelmed just thinking about this topic? You don’t need to be – we at Abel can help you to develop a comprehensive training program for your employees, as well as help you think through areas of your organization where security may need to be beefed up to keep you safe from cyber harm.

Featured BLOGS

  • Are You Required To Pay Your Employees Overtime?

    If an employee works more than 40 hours in a typical work week, are you required to pay them overtime? Unfortunately, the answer is far from cut and dry – and yet the stakes are so high because failure to pay that employee their time-and-a-half can leave you on the hook for paying a whole lot more! According to the US Department of Labor (DOL), employees covered by the Fair Labor Standards Act (FLSA) “must receive overtime pay for hours worked in excess of 40 in a work week.” However, overtime can only be earned by so-called non-exempt workers. So,

  • Controlling Turnover With Employee Benefits

    In surveys of employment satisfaction and loyalty, feeling valued by your employer and achieving a work-life balance are almost uniformly at the top of the list. The good news? There is one thing that you can tinker with to boost your scores on both metrics: The types of benefits that you offer.  For example, in a recent survey by Met Life, 73% of employees said that they believed their company had a responsibility for their health and well-being and 60% said that having access to benefits that support this notion make them feel valued and appreciated and thus breed loyalty.

Archives