We often think of security measures as ‘common sense’. Regularly changing passwords, locking your computer when you leave your desk, not opening suspicious emails – these are the basics. Yet studies show that, although most people know what they should be doing, they don’t.
Together with the rapidly evolving nature of cyberattacks, this feeds one of the biggest causes of breaches: human error.
Worse still, most small business staff probably have some misconceptions about cybersecurity – which might feed into your business’ vulnerabilities. Here are three popular security misconceptions, debunked:
Public networks in shops, airports and hotels isn’t secure, whether or not it requires login information. This is particularly true if there are multiple people using the same credentials. It’s best practice to never use public wifi to submit forms with sensitive information or do banking. From a business perspective, it’s best practice to use a VPN or virtual desktop app on all company devices. A VPN encrypts the connection, making it harder for other network users to see your activity.
Private browsing is designed to help prevent websites from collecting information about your activities online. After you’ve finished browsing, any cookies and history data are deleted. However, search engines and internet service providers can keep records, including elements of your activity even in private browsing.
We all know that we should create complex, hard-to-guess passwords, and never use the same password for anything else. Even if your staff were vigilant in maintaining good passwords (and studies suggest most aren’t), cyberattacks are consistently finding ways round traditional username / password logins.
There are various types of multi-factor authentication, working alongside traditional logins. Processes that require a uniquely generated code on another device are seen as the most secure and easily available to small businesses.
When it comes to cybersecurity, awareness is half the battle. Train your staff, staying up to date on all the latest threats, and you’ll create a people-fronted line of defence. It might seem like common sense, but by dealing with these kinds of security misconceptions, you could be preventing the one mishap that leads to a serious breach.
We’re small business cybersecurity experts, helping London’s SMEs to stay resilient so they can do what they do best. We’ll support you to factor in human error in your disaster recovery planning, as well as providing password, network and device management services. Contact us to find out more.