Driver Behaviour

3 Steps to a Successful Driver Coaching Program

Sep 09, 2019

To change negative driver behaviours, it’s not enough to track your drivers. You have to coach them towards a perfect sa...

READ FULL ARTICLE

Nearly half of Australian SMEs say that human error is a notable risk to their data security, but fewer than 30% of small-to-medium businesses reported having trained their staff on information security policies, according to a 2016 study by ShredIt.

Human error is one thing, but cyber attacks are also increasingly common in Australia. In fact, ransomware attacks quadrupled in 2016 and are expected to continue to be a problem for small-to-medium businesses this year. Several Australian businesses were affected by the worldwide ransomware cyberattack on June 27, 2017. It hit more than 200,000 victims in more than 150 countries.

What strategies can your business use to protect your data from human error and malicious cyberattacks? We’ve put together a list of strategies that are now essential for Australian businesses, which are outlined in ISO 27001.

 

Use Effective Password Procedures

This sounds so simple, but it’s extremely important. Passwords are your company’s first line of defence against attacks. While it’s tempting to use passwords that are easy to remember and universal across all platforms, do what it takes to avoid this common, dangerous practice.

Best practices for password procedures include changing passwords regularly and using a combination of symbols, numbers, upper and lower case letters. As you train your employees about these password procedures, emphasise the reasons behind password policies. These best practices are not an effort to make their lives more difficult; in fact, dealing with the aftermath of a cyberattack is much more difficult than changing passwords on a regular basis.

 

Limit Access to Information

Sensitive data can be put at risk when too many people have access to it. If an employee has a file on his computer that he’s not responsible for and has no need of, that file is unnecessarily at risk of attack or loss due to carelessness.

You can help to protect your data by allowing staff access only to information that is required of their roles. Do this by setting controls over what information is available to different staff levels. Additionally, create confidentiality agreements to be signed by all staff members. This should include all employees with access to the premises, such as maintenance and cleaning staff. Such agreements not only protect the business, but they also protect your staff. If someone asks them for information, they can say, “Sorry, I signed a confidentiality agreement.”

 

Use Encryption on Devices

Any device that holds sensitive company data should be encrypted. Effective file encryption converts data into code. It’s a fairly simple security measure, but it’s also extremely helpful. If a staff member loses a laptop, you don’t have to worry that the person who finds it will be able to read any data.

 

Keep Tabs on Removable Media

Small items like USB sticks, smartphones, digital cameras, and hard drives can all contain large amounts of sensitive data, but they’re easily misplaced and difficult to track. Also, for someone who would like to steal data, these devices are unlikely to arouse suspicion, and they’re easy to slip into a pocket or other small space. Solve this data risk by training employees about how to use removable media, and install encryption, two-step verification, and other controls on these devices.

 

Provide Regular Training on Security Issues

Technology is constantly changing, so it’s important to regularly update your staff about new data security threats. Everyone is busy focusing on their important roles, so it’s good to take some time out to remind employees about changing passwords, remembering removable device protocols, and so forth.

Cyberattack perpetrators are constantly working to develop new ways to access sensitive data, so you need to also be on your guard. Learn what you can about new threats, and include this information in your regular employee training meetings. A little prevention can go a long way toward protecting your company’s sensitive data.

 

New Call-to-action

FEATURED DOWNLOAD

Risk and Safety Templates

For strategic safety professionals.

More Articles

3 Steps to a Successful Driver Coaching Program

Sep 09, 2019

To change negative driver behaviours, it’s not enough to track your drivers. You have to coach them towards a perfect safety record – but how exactly ...

How to Use Technology to Identify Workplace Hazard...

Sep 02, 2019

Can technology help you to identify workplace hazards? Absolutely. In fact, more and more organisations are finding that by using OHS software, they’r...

Is OHS Software Worth the Cost?

Aug 26, 2019

Is OHS software worth the cost? What can it do for your business? Can OHS software really help you to drive efficiency and make your workplace safer f...