If there is one thing that we can take away from all the security breach nightmares that have affected businesses of every size, industry, and location, it’s that a CIO and their IT management team are no longer the gatekeepers of network security. It’s been proven over and over that security is only as strong as the weakest link – and there is always that one employee who will click on anything.
One of the main issues with network security is a lack of communication within an organization. It’s important that every employee, in every department, understand that they have a role to play in keeping the company safe from cybercrime. Email scams, ransomware, weak passwords, and abusing company internet privileges are potentially devastating to an entire organization. In short, the responsibility to maintain security of an infrastructure no longer lies solely within the depths of the server room.
Getting past the notion that the IT team is responsible for keeping the network safe is definitely one of the biggest issues faced by CIOs and IT managers around the globe. Between the increased dependency on technology in daily operations, employees wanting to access your company’s network with personal devices and the sophistication and growth of cyber criminals, even the most security savvy CIO is challenged to keep network vulnerabilities under control.
Homeland Security recognized this challenge and decided to step in to help industries and enterprises help bridge the gap between those who are responsible for the care of enterprise technology and those who use (and sometimes abuse) it. They have proclaimed October as Network Security Awareness month – offering a plethora of resources to help CIOs bridge the communication gap.
Educating everyone who has access to your network about security best practices and company policy is the first step toward building your army of network security vigilantees. Here are a few tips to help you get started:
- Speak their language. Remember who your audience is! Avoid using overly technical language. The majority of people aren’t going to understand what you mean when you say things like ‘DDoS Attack’ or ‘Zero Day Vulnerability’. To help improve network security, it’s more important to focus on WHY best practices are so important as opposed to what is threatening them.
- Make policy and procedure easy to remember. In addition to talking to your employees, posting fliers around the office and sending monthly email reminders will help keep network security fresh in their mind. This may also help raise the probability that when the time comes, they’ll remember why they shouldn’t click on the email from the long-lost uncle who passed away and left them a fortune.
- Be accessible. THIS IS VERY IMPORTANT! If you expect employees to alert you and your team when they feel there is suspicious activity, you need to be approachable. Your team is probably very busy, but being alerted to an impending issue before it becomes a full-on catastrophe will save your department time and money.
The dangers of hacking and data loss make education and communication about network security an absolute must for any enterprise! Anything less is asking to be hacked.