It’s no secret that your own people are the greatest threat to your organization’s data and assets. You shouldn’t make the mistake of thinking you don’t fall under that umbrella, either. There’s a very good chance that, even as you attempt to keep everyone else aligned with cybersecurity best practices, you’ve fallen victim to a few bad habits of your own.
Today, we’re going to go over the most common—if you recognize any of these behaviors in yourself, you need to make a change.
We like to say that there are two types of people in the world—those that use a password manager and those that reuse the same passwords repeatedly. If you fall into the latter camp, that’s terrible news—not only are manual passwords weaker than those stored in a password manager, but a threat actor that compromises one of your accounts might just have the keys to all your accounts.
Seriously, just use a password manager.
Putting Off Updates
Nobody likes being pestered by Windows Update when they’re in the middle of work. No one wants to interrupt what they’re doing just to apply a security patch they’ll probably never notice. The thing is, that’s the exact sort of behavior threat actors want to see.
Remember that every security update you fail to apply is one more potential attack vector.
Improper Backup Processes
How frequently do you back up critical systems and data? Do you maintain multiple copies of those backups? Are said copies typically air-gapped from all other network systems and devices?
We recommend daily data backups and weekly system backups if possible, and that you keep as many prior backups as possible.
Not Separating Work Data and Personal Data
If there’s one unexpected consequence of the pandemic, it’s that we collectively saw our work-life balance absolutely torpedoed. Even now, more people than ever work from home. Unfortunately, that’s causing a blurring of the line between personal and professional.
At best, this is unhealthy and unprofessional. At worst, it could result in an invasion of your privacy— and a legal nightmare—for your employer. Trust us when we say it’s in your best interests to maintain a clear delineation between your home life and your work life, especially where data is concerned.
Access controls exist for a reason. You know that; we know that. Yet we’d be lying if we said we were never tempted to bypass a frustrating or cumbersome authentication process that was stopping us from getting work done.
The thing is, it doesn’t matter if you know better than the average user. Bypassing your organization’s cybersecurity still puts the business at risk. And it also establishes a potentially dangerous precedent.
Don’t like a security policy? Just ignore it. What’s the worst that could happen?