Human error causes more than 80% of cybersecurity breaches. The vast majority of these cyberattacks are preventable with employee cybersecurity training. Below, you can see four of the most frequent vulnerabilities that companies face.
1. Weak passwords
A weak password is as easily compromised as locking your house and leaving the key under the rug. It is often believed that by having a password, you are already safe from hackers who want to access your devices, but this is not the case. Recently, a large hotel group had its database compromised by protecting it with a weak password (Qwerty1234).
All employees must be aware that having the most sophisticated tools for cybersecurity is of little use if simple passwords are then used to access the data. Currently, there are already many platforms that do not allow easy passwords, or that use double factor authentication for user login. Broadly speaking, passwords should be long, containing numbers, letters (both upper and lower case), and symbols. And for those who are more careful, they should change it every so often.
2. Leaving devices unattended
Remote or hybrid work is fine, but it does come with some associated risks. If your employees are working from a public place, and leave their devices unattended for any time, they are leaving the doors of the company open to third parties. Everything and protecting the files with strong passwords, it is common to have the passwords saved on the devices for productivity and comfort issues. It is important to configure the computers with the automatic lock due to inactivity.
If the hacker has the corporate device in his possession, he can access the company and install any type of malware globally.
3. They fall for a phishing attack
Phishing emails are one of the most powerful weapons that cyber attackers have, since it is one of the cyber attacks that manage the highest success rates. For this reason, more than 3.4 billion phishing emails are sent every day.
These emails are sometimes very thin and easy to spot. This high volume of easy-to-detect phishing emails leads those who are more focused to overlook and turns many people who do not have specific cybersecurity training into phishing victims. And often the company they work for is affected by this intrusion.
If your employees are not trained in the field of cybersecurity, you can access our awareness portal, where they can find a multitude of resources for raising awareness in this field
Make sure your employees know how to identify a suspicious email, and if they are unclear, that they report it to the IT team directly.
4. There are no set access guidelines
Everything and that you have total trust with the employees, it does not make sense to give free access to everyone, but rather that each employee has to have access to the necessary documents, and not to the total.
Restricting access to only the necessary documents causes any of the vulnerabilities mentioned above and is hacked, you will only have part of the corporate documents in your domain, and you will not have access to all of them. And what could be a catastrophe, can end up being a small problem.
At Tranxfer we take into account that more than 80% security breaches are caused by human error, and that a large part of these can be avoided by raising awareness and training all employees in cybersecurity.