Disgruntled Employees Can be Worse Than a Hacker

Although hacking and cybercrime have been on a steep rise in recent years, many business owners are unaware that a disgruntled employee can cause more damage financially and otherwise to the well-being of the company he or she works for.  It is hard to trace any solid data on the financial cost a disgruntled employee can cause, but most business executives have experienced it one way or the other.  Some even go as far as to classify the human error by their employees as an act of sabotage.  Whether it is human error, intentional sabotage, or hacking, data loss is costly and can have serious consequences. 

For smaller businesses especially, that price tag could wipe out an entire firm. For a company of any size, a data breach can also cheapen a company’s brand and negatively impact its ability to do work. The worst part is that if data security is not taken seriously, employees’ behavior can create vulnerabilities that allow cybercriminals to find their way to the network and wreak havoc. 

Business owners should implement basic security practices, and it should start from the top so it can be effective. Here are some steps that can help your organization to stay safe and secure at any time:

  • Backup your data- Make sure your data is backed up online every day.  Also, set up hourly snapshots so if something happens, you lose an hour of data at max.  
  • Bad habits- Nip it in the bud. Potentially detrimental bad habits, such as leaving a computer unattended and not locking it or logging off, sharing your password (or not having any password), are huge security risks. Also, not physically securing servers and essential computers, leaving important papers on your desk or printer pose huge concerns, yet are often overlooked.
  • Strong Password Policy- using complex passwords in conjunction with a policy to change the password regularly every 90 days can alleviate potential security concerns.
  • Offboarding and Termination policy- if you let go of an employee, make sure their access to your data is cut off immediately before they are terminated.  Change the passwords, change the lock to the server room, etc.  Have a policy in which no one can bring a flash drive to the office.  Emails are secured, and attachment sizes are limited.
  • Limit access to sensitive data – Establish your valuable(sensitive) data, as well as who should have access or permission to it.
  • Destroy old hard drives and media that hold your data. 
  • Wi-Fi system- It’s imperative to make sure these devices are password protected and have proper encryption, such as Wi-Fi Protected Access Version 2 (WPA2). Side note: WPA2 is an advancement of WPA and contains an even higher level of security encryption for Wi-Fi networks. WPA2 uses the Advanced Encryption Standard (AES), which the U.S. government also uses to protect classified documents.  Do not use public Wi-Fi to access your network or banks or any areas that deal with your data.
  • Remote access- With the rise in WFH as of late, most small businesses have no policy for remote workers. In addition, contractors or external vendors also open up companies to data breaches. When they are terminated, the same offboarding policies should apply to them, and their access to the network or data should be removed. 
  • Employee Awareness Training is an essential weapon to fight cybercrime and should be performed more than three times per year. 

I hope these are helpful hints.  If you have any questions or require assistance, please contact us at 818-501-2281 or email us at info@ceocomputers.com.

CEO Computers is a trusted name in the local community and has gained that reputation by providing quality, dependability, and a robust IT support system. Our IT Services include remote IT support, Cloud Migration, Azure Migration, Cyber Security support, Backup, and Recovery.

 

Posted in IT Blog