Infracore Blog

Infracore has been providing enterprise-level IT Support for medium sized businesses in and around San Diego, CA since 2003. Time and experience has helped us develop best practices, workflow procedures and a proactive philosophy toward the management of IT departments for our clients.

How an End User Might Accidentally Undermine Your Security: 10 Innocent Mistakes

How an End User Might Accidentally Undermine Your Security: 10 Innocent Mistakes

If you’re like every other small business out there, you know that the more employees you hire, the more technology that you have to procure. However, when you have more end-users, you provide more avenues for threats to slip into your network infrastructure unnoticed. When all it takes is one simple mistake from a single end-user, how can you minimize the chances of falling victim to an untimely hacking attack?

We’ve put together ten honest mistakes that any end-user can make, and how they can be prevented.

  • Clicking on malicious links: With so much information on the Internet, it’s easy for an employee to search through countless pages without any regard to the sites and links that they’re clicking on. You need to emphasize the importance of safe browsing, including double-checking the destination of a link before clicking on it. You can do so by hovering over the link and looking in the bottom-left corner of your browser.
  • Using weak passwords: Employees frequently use passwords that aren’t strong enough to keep hackers out. Often times, they’ll simply use something of personal significance, like the name of their pet or a specific date. This isn’t the right way to approach password security. Instead, users should attempt to put together passwords that are private, randomized strings of numbers, letters, and symbols.
  • Ignoring mobile security: Even if your company has the latest and greatest security solutions installed on its desktops, you should also be thinking of your mobile devices, like smartphones and tablets. It’s arguably more important that your mobile devices have solid security solutions implemented on them, as they are often on the road, connecting to potentially dangerous hotspots. You need to make sure that security is a top priority in your Bring Your Own Device (BYOD) policy.
  • Accessing sensitive data through unsecured connections: If your employees are using the local café’s free wireless Internet to get some work done on their lunch break, it could be a dangerous gambit. Public Wi-Fi hotspots are notorious for being cesspools of online threats. Implementing a virtual private network (VPN) can be a handy investment that can encrypt data while it’s in transit, mitigating this risk somewhat.
  • Losing unencrypted devices: It’s not unheard of for an employee to use company devices in public places. If they accidentally leave their smartphone on the bus, or their tablet on a park bench, there’s always the risk that it can be stolen. Unless you practice proper encryption protocol, any information available on the device can be accessed by the person who finds it, be it a good samaritan or a tech-savvy thief.
  • Implementing unapproved solutions: Some employees simply prefer to use solutions that aren’t provided by the company to get their work done. The problem here is that the employee is moving forward without consulting IT about it, and that your data is being used in a solution that you can’t control. Plus, if the employee is using free or open-source software, these often come bundled with unwanted malware that can put your data in even greater peril.
  • Targeted business email scams: Phishing and spear-phishing attacks are growing more common. One example of this is an HR employee checking their inbox to find what looks like a job application or employment inquiry. All of the right information is there and nothing appears out of the ordinary; that is, until a malicious link contained within it starts to download malware or other nasty threats to your infrastructure. Other types of phishing attacks will ask end-users to confirm personally identifiable information or sensitive account credentials. Educating your team on how best to identify phony email messages is imperative to keeping your network secure.
  • Personal email use: It’s one thing to check your personal email account while at work, but another entirely to use your personal email account to perform work purposes. As the recent debacle with Hillary Clinton shows, people don’t take kindly to sensitive information being leaked via an unsecured email server that their organization has no control over. Add in the fact that personal email accounts are often not as secure as those in a professional productivity suite, and you have a recipe for disaster. You need to reinforce that your team should keep their work and personal email separate.
  • Leaving workstations unattended: Besides the fact that some tech-savvy employees are practical jokers, it’s a security risk to leave a workstation unlocked and unattended for long periods of time. Imagine if someone from outside of your organization walked into your office and accessed confidential files without authorization; that’s on the employee who got up and left the device unattended. Encourage your employees to always log off of their workstations, or at least lock them, before stepping away from their computer.
  • Using external storage devices: Your organization should only be using IT-provided USB devices and external storage. Otherwise, anyone with a random flash drive can connect it to your network, unleashing a horde of who-knows-what into your infrastructure.

User error is a primary cause for concern among businesses, but it can be mostly avoided by providing your staff with the training required to do their jobs properly. For more information about IT best practices, give us a call at (858) 509-1970.

Continue reading

Tag Cloud

Tip of the Week Security Technology Privacy Best Practices Cloud Business computing Google Microsoft Software Malware Network Security Hackers Backup Tech Term Hardware Innovation Windows 10 Internet Data Business Email Android Smartphones Hosted Solutions Business Continuity Browser Alert VoIP Small Business Managed IT Services User Tips Business Management Smartphone Office Cloud Computing Computer Mobile Devices Ransomware Computers Disaster Recovery Outsourced IT Data Backup Cybercrime Miscellaneous Communications Productivity Efficiency IT Services Law Enforcement Chrome Collaboration Cybersecurity Password Facebook Virtualization Windows Data Recovery Productivity Money Passwords Network Managed IT Services Social Media Artificial Intelligence Router Telephone Systems How To Upgrade Communication Work/Life Balance Health Social Engineering App Gadgets Internet of Things Office 365 Quick Tips Applications Phishing Data Protection Data Breach Word Workplace Tips IT Support Data Security Apps Two-factor Authentication HaaS Office Tips Vulnerability Spam Private Cloud Connectivity IT Support Windows 10 Bring Your Own Device Microsoft Office Hacking Holiday Mobile Device Management Google Drive Wi-Fi Automation Saving Money Patch Management Website CES End of Support History Paperless Office IT Plan Information Data Management Cleaning Operating System Scam Content Management Worker Mobile Device Unsupported Software Big Data Business Intelligence Remote Monitoring Marketing PDF Computer Care Blockchain Managed IT Identity Theft Battery Update Server Electronic Medical Records Managed Service Provider Samsung Infrastructure Windows 7 Bandwidth Government Remote Computing Entertainment BYOD Save Money VPN Data Storage USB Value Networking Public Cloud Flexibility OneNote Legal Employer-Employee Relationship BDR IT Management Redundancy Comparison Avoiding Downtime Keyboard Charger Spam Blocking Mobility Automobile Tools Servers Amazon IT solutions Authentication Physical Security Best Practice Telecommuting SaaS Gmail Computer Fan Sync Wireless Internet Two Factor Authentication Knowledge Specifications Data loss Apple Safe Mode Experience Google Apps Tip of the week Voice over Internet Protocol Downtime Information Technology Internet exploMicrosoft HVAC Risk Management Amazon Web Services Nanotechnology Techology Users Content Machine Learning Hiring/Firing Remote Work webinar Practices Managed Service Recovery Recycling The Internet of Things Wire Network Congestion Digital Signature Screen Mirroring Search iPhone Virtual Assistant Music Workers Windows 10s Addiction Windows Server 2008 Transportation Safety Root Cause Analysis Instant Messaging Advertising Enterprise Content Management Politics Rootkit Online Shopping Smart Tech HBO Virtual Reality Telephony Video Games Audiobook Relocation User Error YouTube Employer Employee Relationship Conferencing Hosted Computing Software Tips MSP Books Assessment eWaste FENG Sports IT Consultant Millennials Encryption Cast How to Telephone System Wearable Technology Cache Monitor Benefits Multi-Factor Security HIPAA Botnet Password Management Training Evernote Settings Outlook Worker Commute Criminal Skype Computer Accessories Credit Cards Emails Inventory Education File Sharing Television Smart Office Leadership Workforce Black Market Password Manager Solid State Drive Flash Firewall Trending Human Resources Meetings Travel NIST Vendor Management Wireless Charging Devices Frequently Asked Questions Google Docs Start Menu Scalability Humor Internet Exlporer Bluetooth Fraud Access Control Computing Infrastructure Emergency Public Computer Files Document Management Save Time Accountants Troubleshooting Loyalty Business Mangement Audit Data storage Smart Technology Current Events Staff Wireless Hybrid Cloud Cryptocurrency Cortana Thought Leadership Excel CrashOverride Twitter Thank You Congratulations Company Culture WiFi Compliance Managing Stress Webinar Augmented Reality Regulation

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

JeffereyANoah 5 Useful Cloud Apps for Small Businesses
15 August 2018
Sharing these type stuff is very useful and hope you will provide us more like this one. I come here...
Jared Albert VoIP Delivers Benefits That a Traditional Phone System Can’t
13 August 2018
A traditional telephone system is installed for the happiness of the people. Majority of the concern...
Meredith Maddox Tip of the Week: Tip of the Week: Mirror or Cast Your Android Device’s Screen
08 August 2018
Android mobile phones are top of the list now a days every one wants to buy android phone. It’s a bi...
MarianneJCruz Tip of the Week: Got a Solid State Drive? Here’s How to Take Care of It
31 July 2018
What a review
Digital Hold The Case for Hosting Your Phone Solution In-House
24 February 2018
Informative Blog. Thanks a lot for the useful info.