Infracore LLC Blog

Infracore has been providing enterprise-level IT Support for medium sized businesses in and around San Diego, CA since 2003. Time and experience has helped us develop best practices, workflow procedures and a proactive philosophy toward the management of IT departments for our clients.

How an End User Might Accidentally Undermine Your Security: 10 Innocent Mistakes

How an End User Might Accidentally Undermine Your Security: 10 Innocent Mistakes

If you’re like every other small business out there, you know that the more employees you hire, the more technology that you have to procure. However, when you have more end-users, you provide more avenues for threats to slip into your network infrastructure unnoticed. When all it takes is one simple mistake from a single end-user, how can you minimize the chances of falling victim to an untimely hacking attack?

We’ve put together ten honest mistakes that any end-user can make, and how they can be prevented.

  • Clicking on malicious links: With so much information on the Internet, it’s easy for an employee to search through countless pages without any regard to the sites and links that they’re clicking on. You need to emphasize the importance of safe browsing, including double-checking the destination of a link before clicking on it. You can do so by hovering over the link and looking in the bottom-left corner of your browser.
  • Using weak passwords: Employees frequently use passwords that aren’t strong enough to keep hackers out. Often times, they’ll simply use something of personal significance, like the name of their pet or a specific date. This isn’t the right way to approach password security. Instead, users should attempt to put together passwords that are private, randomized strings of numbers, letters, and symbols.
  • Ignoring mobile security: Even if your company has the latest and greatest security solutions installed on its desktops, you should also be thinking of your mobile devices, like smartphones and tablets. It’s arguably more important that your mobile devices have solid security solutions implemented on them, as they are often on the road, connecting to potentially dangerous hotspots. You need to make sure that security is a top priority in your Bring Your Own Device (BYOD) policy.
  • Accessing sensitive data through unsecured connections: If your employees are using the local café’s free wireless Internet to get some work done on their lunch break, it could be a dangerous gambit. Public Wi-Fi hotspots are notorious for being cesspools of online threats. Implementing a virtual private network (VPN) can be a handy investment that can encrypt data while it’s in transit, mitigating this risk somewhat.
  • Losing unencrypted devices: It’s not unheard of for an employee to use company devices in public places. If they accidentally leave their smartphone on the bus, or their tablet on a park bench, there’s always the risk that it can be stolen. Unless you practice proper encryption protocol, any information available on the device can be accessed by the person who finds it, be it a good samaritan or a tech-savvy thief.
  • Implementing unapproved solutions: Some employees simply prefer to use solutions that aren’t provided by the company to get their work done. The problem here is that the employee is moving forward without consulting IT about it, and that your data is being used in a solution that you can’t control. Plus, if the employee is using free or open-source software, these often come bundled with unwanted malware that can put your data in even greater peril.
  • Targeted business email scams: Phishing and spear-phishing attacks are growing more common. One example of this is an HR employee checking their inbox to find what looks like a job application or employment inquiry. All of the right information is there and nothing appears out of the ordinary; that is, until a malicious link contained within it starts to download malware or other nasty threats to your infrastructure. Other types of phishing attacks will ask end-users to confirm personally identifiable information or sensitive account credentials. Educating your team on how best to identify phony email messages is imperative to keeping your network secure.
  • Personal email use: It’s one thing to check your personal email account while at work, but another entirely to use your personal email account to perform work purposes. As the recent debacle with Hillary Clinton shows, people don’t take kindly to sensitive information being leaked via an unsecured email server that their organization has no control over. Add in the fact that personal email accounts are often not as secure as those in a professional productivity suite, and you have a recipe for disaster. You need to reinforce that your team should keep their work and personal email separate.
  • Leaving workstations unattended: Besides the fact that some tech-savvy employees are practical jokers, it’s a security risk to leave a workstation unlocked and unattended for long periods of time. Imagine if someone from outside of your organization walked into your office and accessed confidential files without authorization; that’s on the employee who got up and left the device unattended. Encourage your employees to always log off of their workstations, or at least lock them, before stepping away from their computer.
  • Using external storage devices: Your organization should only be using IT-provided USB devices and external storage. Otherwise, anyone with a random flash drive can connect it to your network, unleashing a horde of who-knows-what into your infrastructure.

User error is a primary cause for concern among businesses, but it can be mostly avoided by providing your staff with the training required to do their jobs properly. For more information about IT best practices, give us a call at (858) 509-1970.

Continue reading

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Business computing Google Network Security Productivity Hosted Solutions Microsoft Internet User Tips Malware Software Data Hackers Innovation Hardware Smartphones Business Email Tech Term Mobile Devices Backup Workplace Tips Communications Efficiency VoIP Business Continuity Smartphone Android Business Management IT Services Browser Windows 10 Data Backup Small Business Computer Cloud Computing Alert Data Recovery Communication Outsourced IT Managed IT Services Disaster Recovery Miscellaneous Network Managed IT Services Artificial Intelligence Office Chrome Router Ransomware Windows 10 Computers Windows IT Support Mobile Device Internet of Things Collaboration Cybersecurity Social Media Gadgets Law Enforcement Cybercrime Virtualization Facebook Quick Tips Telephone Systems Holiday Productivity Server Money Passwords Health How To Office 365 Password Applications Google Drive Phishing Automation Saving Money Word Upgrade Work/Life Balance App Spam Private Cloud Wi-Fi Social Engineering Information Encryption Training Connectivity Bring Your Own Device Save Money Operating System Managed Service Apps Data Security HaaS Office Tips BDR Keyboard IT Support Vulnerability Settings Data Breach Data Protection Microsoft Office Scam Voice over Internet Protocol Hacking Mobile Device Management Two-factor Authentication Mobility Paperless Office Bandwidth Infrastructure IT Plan Data Management Entertainment Machine Learning Users USB Value End of Support Firewall Networking VPN Virtual Assistant Unsupported Software Human Resources Display Marketing History Google Docs Remote Monitoring Save Time Employer-Employee Relationship Fraud Access Control Sports Battery Telephone System Charger Managed IT Comparison Staff Telephony Patch Management Website CES Software as a Service PDF Windows 7 Education Remote Computing Cleaning Botnet BYOD Worker Data Storage Content Management Flexibility Managed Service Provider Augmented Reality Big Data Government Computer Care Meetings Business Intelligence Cryptocurrency Legal OneNote IT Management Blockchain Servers Automobile Redundancy Wireless Update Avoiding Downtime Public Cloud Electronic Medical Records Spam Blocking Identity Theft Samsung Humor Internet Exlporer Benefits IT solutions Millennials Physical Security Safe Mode Best Practice Employee Tools Cache Wireless Internet Warranty Multi-Factor Security HIPAA HVAC Vendor Computer Accessories Computer Fan Evernote Sync Wiring OLED Files Television WiFi Data loss Criminal Techology Bing Hybrid Cloud Leadership Credit Cards Tip of the week Inventory Information Technology Cryptomining Data storage Printer Workforce Digital Signage Content Vendor Management Downtime Password Manager Wire webinar Trending Enterprise Content Management Bluetooth The Internet of Things Wireless Charging Devices Unified Threat Management Search Emergency Public Computer Screen Mirroring YouTube Help Desk Apple Virtual Reality Windows 10s Windows Server 2008 MSP Instant Messaging Database Troubleshooting Loyalty Mouse Internet exploMicrosoft Smart Technology Current Events HBO Accountants Video Games Google Search Audiobook Root Cause Analysis Business Mangement Conferencing Software Tips Password Management Security Cameras FENG Cortana Thought Leadership Mobile Computing How to Cast iPhone Worker Commute Amazon Authentication File Sharing Business Technology SaaS Smart Office Administrator Advertising Two Factor Authentication Knowledge Telecommuting Outlook Proactive IT Experience Gmail Emails Specifications NIST Hacker Risk Management Google Apps Skype Camera Relocation Black Market User Error Shortcuts Hiring/Firing Solid State Drive Amazon Web Services Flash Nanotechnology Biometric Security Travel Document Management Microchip Computing Infrastructure Network Congestion Remote Work Frequently Asked Questions Practices Scalability Net Neutrality Monitor Music Recovery Recycling Transportation Safety Digital Signature Smartwatch Politics Rootkit Workers Start Menu Addiction Social Employer Employee Relationship Audit Online Shopping Smart Tech Remote Worker 5G Books Assessment eWaste Search Engine IT Consultant Excel Hosted Computing ISP Wearable Technology CrashOverride Manufacturing Thank You Company Culture Compliance Congratulations Twitter Managing Stress Regulation Webinar Printers

Recent Comments

NoahAnton Cryptomining is Inspiring Cybercrime
25 April 2019
The growth stock is actually the Cryptomining which increases in capital value instead of yield in h...
Sara George Tip of the Week: Locating a Misplaced Smartphone
16 April 2019
If you’re smart phone will be missed then with the software of the tracking location has to find the...
Jenna Ray What Star Wars can Teach About Mentorship
15 April 2019
There are lots of things in this world from we can learn positivity and people of this era are to ad...
Henry Lasseter What Volkswagen is Doing to Prevent Hackers From Controlling Your Car
09 April 2019
Volkswagen was doing to prevent hackers for from controlling your car it was done by the hackers. I ...
Hunter Gill Essential Cybersecurity Tips From The FBI
09 April 2019
FBI is the federal agency of the investigation the firm which investigates the cases of severe term ...