How to Train New Employees on Corporate Security Well
This way, you can ensure your company will not suffer devastating security incidents in the future.
We find that one of the biggest reasons that motivates employees to bypass security measures is saving time and being more productive.
This can happen even more often with a new hire who may be eager to add value to the organisation but do not fully understand your company’s procedures and security requirements.
They may want to use tools and systems that that used in the past in order to boost performance in your organisation – and this is great!
But if this is done outside the eyes of your IT, it can also mean that sensitive data could be put at risk.
So how can you prevent this?
This is often referred to as ‘shadow IT’ as it implies information-technology systems and solutions built and used inside organisations without explicit organisational approval.
Younger generations in particular are accustomed to using a variety of apps and hardware to deliver their work and make their lives easier, and often tend to take IT matters into their own hands.
While it can be seen as a proactive attitude, it can also be a dangerous endeavour when sensitive data is stored and shared on media that does not meet your industry’s requirements for security.
For example, if employees use applications meant to increase workplace productivity and collaboration – such as Evernote and Dropbox.
If these are not pre-vetted or monitored by you IT, they can put the entire organisation at risk for exposure and compliance issues.
In fact, a Blue Coat study has found that as much as 40% of IT budgets are now being spent outside of the company’s IT departments, on various other systems and applications.
However, these may not fully satisfy the organisation’s security standards.
This generally happens when staff feel they are not getting as much value as they need from existing IT applications and systems.
So how can you tackle this problem?
1.Develop and interactive onboarding process
When onboarding new staff, make sure they receive a complete security training, including the systems that are used within your organisation, data security and privacy policies, etc.
If you use an interactive approach to this, you increase awareness of IT security and the understanding of how it works and why it is important.
Both for the entire organisation as well as for individual staff members.
Try having a Q&A session with new hires and older staff too, in which these policies can be discussed.
2. Review your staff’s need for new IT software or hardware regularly
Start looking at what apps your staff are using and why.
If there is a pertinent reason that can create real business value for your organisation, you need to find a way for these apps to be included alongside your approved apps.
This will ensure that security standards are preserved.
You will also quickly learn if any of their needs are not met.
You will be able to help find the best application for your organisation to use, without having your employees turn to shadow IT solutions.
If your business is located in Scotland we may be able to provide a free consultation to help you with this.
3. Test your employees on a regular basis
In the real world, cyber criminals send around 156 million phishing emails daily.
16 million of these make it through the filters, half (8 million) are open.
800,000 of them are clicked, and 80,000 people fall for the scam. A
nd that’s just in ONE day.
Wouldn’t you want to know how many of the people in your organisation would fall for these scams?
And even more important, wouldn’t you like to ensure they don’t?
Luckily, you can do both by using an interactive security awareness training.
You can start with a phishing test today.