Infracore LLC Blog

Infracore has been providing enterprise-level IT Support for medium sized businesses in and around San Diego, CA since 2003. Time and experience has helped us develop best practices, workflow procedures and a proactive philosophy toward the management of IT departments for our clients.

How an End User Might Accidentally Undermine Your Security: 10 Innocent Mistakes

How an End User Might Accidentally Undermine Your Security: 10 Innocent Mistakes

If you’re like every other small business out there, you know that the more employees you hire, the more technology that you have to procure. However, when you have more end-users, you provide more avenues for threats to slip into your network infrastructure unnoticed. When all it takes is one simple mistake from a single end-user, how can you minimize the chances of falling victim to an untimely hacking attack?


We’ve put together ten honest mistakes that any end-user can make, and how they can be prevented.

  • Clicking on malicious links: With so much information on the Internet, it’s easy for an employee to search through countless pages without any regard to the sites and links that they’re clicking on. You need to emphasize the importance of safe browsing, including double-checking the destination of a link before clicking on it. You can do so by hovering over the link and looking in the bottom-left corner of your browser.
  • Using weak passwords: Employees frequently use passwords that aren’t strong enough to keep hackers out. Often times, they’ll simply use something of personal significance, like the name of their pet or a specific date. This isn’t the right way to approach password security. Instead, users should attempt to put together passwords that are private, randomized strings of numbers, letters, and symbols.
  • Ignoring mobile security: Even if your company has the latest and greatest security solutions installed on its desktops, you should also be thinking of your mobile devices, like smartphones and tablets. It’s arguably more important that your mobile devices have solid security solutions implemented on them, as they are often on the road, connecting to potentially dangerous hotspots. You need to make sure that security is a top priority in your Bring Your Own Device (BYOD) policy.
  • Accessing sensitive data through unsecured connections: If your employees are using the local café’s free wireless Internet to get some work done on their lunch break, it could be a dangerous gambit. Public Wi-Fi hotspots are notorious for being cesspools of online threats. Implementing a virtual private network (VPN) can be a handy investment that can encrypt data while it’s in transit, mitigating this risk somewhat.
  • Losing unencrypted devices: It’s not unheard of for an employee to use company devices in public places. If they accidentally leave their smartphone on the bus, or their tablet on a park bench, there’s always the risk that it can be stolen. Unless you practice proper encryption protocol, any information available on the device can be accessed by the person who finds it, be it a good samaritan or a tech-savvy thief.
  • Implementing unapproved solutions: Some employees simply prefer to use solutions that aren’t provided by the company to get their work done. The problem here is that the employee is moving forward without consulting IT about it, and that your data is being used in a solution that you can’t control. Plus, if the employee is using free or open-source software, these often come bundled with unwanted malware that can put your data in even greater peril.
  • Targeted business email scams: Phishing and spear-phishing attacks are growing more common. One example of this is an HR employee checking their inbox to find what looks like a job application or employment inquiry. All of the right information is there and nothing appears out of the ordinary; that is, until a malicious link contained within it starts to download malware or other nasty threats to your infrastructure. Other types of phishing attacks will ask end-users to confirm personally identifiable information or sensitive account credentials. Educating your team on how best to identify phony email messages is imperative to keeping your network secure.
  • Personal email use: It’s one thing to check your personal email account while at work, but another entirely to use your personal email account to perform work purposes. As the recent debacle with Hillary Clinton shows, people don’t take kindly to sensitive information being leaked via an unsecured email server that their organization has no control over. Add in the fact that personal email accounts are often not as secure as those in a professional productivity suite, and you have a recipe for disaster. You need to reinforce that your team should keep their work and personal email separate.
  • Leaving workstations unattended: Besides the fact that some tech-savvy employees are practical jokers, it’s a security risk to leave a workstation unlocked and unattended for long periods of time. Imagine if someone from outside of your organization walked into your office and accessed confidential files without authorization; that’s on the employee who got up and left the device unattended. Encourage your employees to always log off of their workstations, or at least lock them, before stepping away from their computer.
  • Using external storage devices: Your organization should only be using IT-provided USB devices and external storage. Otherwise, anyone with a random flash drive can connect it to your network, unleashing a horde of who-knows-what into your infrastructure.

User error is a primary cause for concern among businesses, but it can be mostly avoided by providing your staff with the training required to do their jobs properly. For more information about IT best practices, give us a call at (858) 509-1970.

0 Comments
Continue reading

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Google Network Security Business computing Microsoft Malware Hosted Solutions Hackers Data Software Innovation Internet Hardware Business User Tips Backup Smartphones Tech Term Data Backup Business Continuity Email Browser Mobile Devices Windows 10 Android VoIP Smartphone Computer Cloud Computing IT Services Productivity Small Business Outsourced IT Data Recovery Managed IT Services Alert Workplace Tips Communications Business Management Computers Disaster Recovery Ransomware Miscellaneous Managed IT Services Office Chrome Efficiency Artificial Intelligence Law Enforcement Communication Cybercrime Network Social Media How To Router Internet of Things Office 365 IT Support Password Applications Telephone Systems Facebook Virtualization Productivity Windows Money Passwords Collaboration Cybersecurity Windows 10 Server Gadgets Social Engineering App Google Drive Saving Money Word Quick Tips Information Upgrade Holiday Health Spam Work/Life Balance Scam Data Breach Office Tips Private Cloud Mobile Device Management IT Support BDR Microsoft Office Hacking Phishing Automation Bring Your Own Device Wi-Fi Data Security Save Money Mobility Data Protection Voice over Internet Protocol Managed Service Vulnerability Two-factor Authentication Keyboard Apps Mobile Device Connectivity HaaS Battery Worker Managed Service Provider Software as a Service VPN Big Data OneNote Government Redundancy IT Management Human Resources Computer Care Spam Blocking Fraud Avoiding Downtime Google Docs Remote Computing Public Cloud Electronic Medical Records Flexibility IT Plan Comparison Samsung Operating System Bandwidth Website CES Training Servers Entertainment Legal USB Value End of Support Automobile Unsupported Software Paperless Office Firewall Networking History Remote Monitoring Content Management Managed IT Telephony Employer-Employee Relationship Data Management Business Intelligence Windows 7 Virtual Assistant Blockchain Charger Identity Theft Patch Management Update PDF Settings Encryption Marketing Infrastructure BYOD Telephone System Data Storage Sports Cleaning Password Management Credit Cards Inventory Meetings Travel Mobile Computing WiFi Criminal Risk Management Video Games Audiobook Frequently Asked Questions Workforce Monitor How to Start Menu File Sharing Password Manager Hiring/Firing Audit Wireless Charging Devices Network Congestion Worker Commute Smart Office Administrator Trending Music Excel NIST Access Control Transportation Safety Education Camera Politics Rootkit Shortcuts Accountants Books Assessment Black Market Tools Augmented Reality Business Mangement Employer Employee Relationship IT solutions Physical Security Computer Fan Sync Cortana Thought Leadership IT Consultant Humor Internet Exlporer Document Management Microchip Staff Wearable Technology Scalability Tip of the week Cryptocurrency Amazon Authentication Benefits Files Computing Infrastructure Data loss Telecommuting Television Data storage Downtime Remote Worker Gmail Computer Accessories Hybrid Cloud Wireless The Internet of Things Google Apps Leadership webinar Search Engine Specifications Windows 10s Windows Server 2008 Safe Mode Amazon Web Services Nanotechnology Screen Mirroring Wireless Internet Warranty Vendor Management HVAC Remote Work Practices Emergency Public Computer Root Cause Analysis Wiring Recovery Recycling Bluetooth Apple Best Practice HBO Troubleshooting Loyalty FENG Workers Addiction Save Time Internet exploMicrosoft Conferencing Software Tips Machine Learning Bing Digital Signature Information Technology Online Shopping Smart Tech Smart Technology Current Events Techology Users Cast Wire Printer Enterprise Content Management Hosted Computing Botnet Unified Threat Management eWaste iPhone Content Outlook Millennials SaaS Search Skype MSP Cache Advertising Emails YouTube Help Desk Instant Messaging Solid State Drive Flash Evernote Two Factor Authentication Knowledge Relocation User Error Virtual Reality Mouse Multi-Factor Security HIPAA Experience Webinar Company Culture Compliance Managing Stress CrashOverride Regulation Printers Twitter Thank You Congratulations

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Chantale Bass Tip of the Week: How to Use Tabs to Their Full Potential
15 December 2018
Tabs we need to use only with the ways of the potentially uses from the internet use and also for th...
JoseSClark How You Can Get Microsoft Office Certified
14 December 2018
Many users want to get Microsoft Office certified for theirselve and it was a good post for them. Re...
Donna Brock 3 Significant Ways the Cloud Can Grow Your Business
13 December 2018
In every field of life technology have a big name and now technology provide the facility to save yo...
Phillip Bond A Checklist of 40 Microsoft Software Titles Reaching End of Life/Extended Support in July 2016
11 December 2018
A checklist of the components is done for the widening of the elements. The scope of the check list ...
Erickson Ferry Tip of the Week: Useful Shortcuts for Google
30 November 2018
Your blog was too good. I was exceptionally satisfied to discover this site. I needed to thank you f...