safety culture SoloDrive Driver Behaviour

How to Change Driver Behaviour through Driver Coaching

Dec 09, 2019

Driver safety solution data holds plenty of promise. The insurance industry is extremely interested in using this data f...

READ FULL ARTICLE

Nearly half of Australian SMEs say that human error is a notable risk to their data security, but fewer than 30% of small-to-medium businesses reported having trained their staff on information security policies, according to a 2016 study by ShredIt.

Human error is one thing, but cyber attacks are also increasingly common in Australia. In fact, ransomware attacks quadrupled in 2016 and are expected to continue to be a problem for small-to-medium businesses this year. Several Australian businesses were affected by the worldwide ransomware cyberattack on June 27, 2017. It hit more than 200,000 victims in more than 150 countries.

What strategies can your business use to protect your data from human error and malicious cyberattacks? We’ve put together a list of strategies that are now essential for Australian businesses, which are outlined in ISO 27001.

 

Use Effective Password Procedures

This sounds so simple, but it’s extremely important. Passwords are your company’s first line of defence against attacks. While it’s tempting to use passwords that are easy to remember and universal across all platforms, do what it takes to avoid this common, dangerous practice.

Best practices for password procedures include changing passwords regularly and using a combination of symbols, numbers, upper and lower case letters. As you train your employees about these password procedures, emphasise the reasons behind password policies. These best practices are not an effort to make their lives more difficult; in fact, dealing with the aftermath of a cyberattack is much more difficult than changing passwords on a regular basis.

 

Limit Access to Information

Sensitive data can be put at risk when too many people have access to it. If an employee has a file on his computer that he’s not responsible for and has no need of, that file is unnecessarily at risk of attack or loss due to carelessness.

You can help to protect your data by allowing staff access only to information that is required of their roles. Do this by setting controls over what information is available to different staff levels. Additionally, create confidentiality agreements to be signed by all staff members. This should include all employees with access to the premises, such as maintenance and cleaning staff. Such agreements not only protect the business, but they also protect your staff. If someone asks them for information, they can say, “Sorry, I signed a confidentiality agreement.”

 

Use Encryption on Devices

Any device that holds sensitive company data should be encrypted. Effective file encryption converts data into code. It’s a fairly simple security measure, but it’s also extremely helpful. If a staff member loses a laptop, you don’t have to worry that the person who finds it will be able to read any data.

 

Keep Tabs on Removable Media

Small items like USB sticks, smartphones, digital cameras, and hard drives can all contain large amounts of sensitive data, but they’re easily misplaced and difficult to track. Also, for someone who would like to steal data, these devices are unlikely to arouse suspicion, and they’re easy to slip into a pocket or other small space. Solve this data risk by training employees about how to use removable media, and install encryption, two-step verification, and other controls on these devices.

 

Provide Regular Training on Security Issues

Technology is constantly changing, so it’s important to regularly update your staff about new data security threats. Everyone is busy focusing on their important roles, so it’s good to take some time out to remind employees about changing passwords, remembering removable device protocols, and so forth.

Cyberattack perpetrators are constantly working to develop new ways to access sensitive data, so you need to also be on your guard. Learn what you can about new threats, and include this information in your regular employee training meetings. A little prevention can go a long way toward protecting your company’s sensitive data.

 

New Call-to-action

FEATURED DOWNLOAD

Risk and Safety Templates

For strategic safety professionals.

More Articles

How to Change Driver Behaviour through Driver Coac...

Dec 09, 2019

Driver safety solution data holds plenty of promise. The insurance industry is extremely interested in using this data for things like automated claim...

How to Cut Your Biggest Vehicle Costs with Driver ...

Nov 25, 2019

Every fleet wants to avoid collisions and mitigate risk, but driver safety means so much more. It’s an absolutely critical – and frequently overlooked...

Mental Health at Work: Australian Statistics

Nov 08, 2019

When we think of work-related injuries, we typically think about falls from ladders or injuries from heavy machinery. But these aren’t the only kinds ...