Cyber crime is big business is your business safe?
When was the last time you had a conversation with your staff around keeping your business information safe and secure? I bet the answer is not really on your radar with the day activities of what you already have to do. Just imagine though, what would happen if your company information was compromised or worst lost? ARGHHH
Here are some quick training tips for staff to keep them vigilant of scam emails:
1-: Know how to stop email scams.
Encourage staff to be aware of suspicious emails including:
An email or an invoice with new bank account details for a supplier.
- Unexpected email (i.e. Invoices from suppliers that you may not have dealt with or unsure whether your business has dealt with them before). Or you have dealt with them before and it is an unexpected amount.
- An email asking for urgent payment or serious consequences.
- An email from someone who wouldn’t normally send your requests for payment.
- An email address that doesn’t look quite right. (Check previous Emails)
Encourage your staff to double check information – call the business directly using the number listed on their website rather that the one listed on the suspicious email.
It’s also worth setting up a process in your business to double-check requests for payment and sensitive information to help protect your business from scams.
2-: Create strong Password Security Policy
60% of hacking-related data breaches involve stolen or compromised credentials like passwords.
Weak passwords, like Password1, or names are easy for cybercriminals to guess – there’s even software that can guess billions of passwords a second. It’s important not to use the same or very similar passwords across multiple business accounts, such as banking, email and social media, because if a cybercriminal cracks just one of them, they could get access to all of these accounts.
To keep your accounts secure:
- Create different passwords across all your online accounts. This includes email, payroll, accounting software and admin accounts for your websites and social channels.
- Create strong passwords: Develop a long passphrase made up of at least four words and at least 13 character in length, such as “horsecupstarshoe” Pick words that are meaningful to you so that you remember the password.
- Turn on a second layer of security. This is also know as two-factor authentication. It means you need to provide two things – Your password and something else like a code sent to your mobile device, a physical token, or a fingerprint – before you can access your accounts.
3-: Keep business information private
59% of Australian organisations have their business interrupted by a cyber breach every month.
Do you know who has access to your business and customer information? It’s important to limit access to only those who need it to do their jobs. This will reduce the risk of accidentally or maliciously releasing confidential information.
Also make sure your staff understand their role in keeping customer and employee information confidential. This includes no disclosing the information online on social media or to people don’t need or shouldn’t have it. – Commonly this comes in requests for phone number or address details via telephone calls asking to get in touch with an employee. Setup a process where all staff understand what is and what is not acceptable to give out.