Low-Tech Reinforcement of Good Security Behavior
Today we’re going to look back at some previous blog posts around reinforcing security awareness in the workplace. But this time, we’ll also look at how to do that virtually as many workers continue to socially distance. We’re specifically looking at low-tech reinforcement methods, not courses or formal training. These can be done on little to no budget and will help bolster your cyber defenses through a cyber-focused workforce. It’s not a substitute for a formal security awareness program, but rather a way to keep employees mindful throughout the year.
One way to reinforce security awareness is by placing signs or posters with cyber tips near places where people congregate in the workplace. Prior to COVID-19, a choice spot may have been next to a candy bowl. Today we might choose something less germ-friendly. Instead, you can place signs in break rooms, on refrigerators, or outside of restrooms.
What should these signs convey? A reminder to lock workstations is a great idea. After all, they just left their computers! A reminder to shred or lock up sensitive documents is another.
If people in your workplace are still working from home, you can add messages to the bottom of your email signature or even send out tips weekly or bi-weekly. The point is to weave it in to everyday activities to show your commitment to a security-minded culture.
Calling out Employee Behavior
One of the best ways to reinforce a certain kind of behavior (such as reporting suspicious emails to the Tech Team) is to applaud people for it. Mention your appreciation of it during a company meeting, which, of course, can be a virtual one. The person receiving the praise will feel appreciated and will be more likely to continue that action in the future. Other employees will realize that you’re willing to recognize such behavior and may follow suit.
Likewise, you can call out less than ideal employee behavior. “We’re seeing more and more people trying to download and install their own software. Here’s why that’s dangerous…”
With the rise in virtual work, employees may be getting bombarded with more scams and distractions than ever before. As of June 1, the FTC received 61,104 complaints tied to COVID-19 and reported over $44M in fraud loss.
Create a communication channel where employees can easily ask questions and quickly receive answers about suspicious communications and information handling. This would be more of a chat channel than a ticketing system which can take some time for someone to answer. Of course, you’ll have to make someone available to be there to receive and answer those questions: “Is it safe if I save this file to…” or “Is this email a scam?”
This kind of open communication can mean the difference between someone saying “to heck with it” and clicking on an email attachment with malware and getting a second opinion first. It also shows your workplace’s commitment to helping employees be more cyber aware.
Can We Help?
Are you interested in boosting your organization’s security awareness? We can help you with our Bite-sized Security Awareness service. If you want to start with some visual reminders, we have some great posters for sale that drive home key security awareness points.