Training staff to work securely: three top tips

Putting comprehensive IT security processes in place helps keep a business’ data safe – but training staff to work securely is just as important.

Failing to do so can significantly reduce the robustness of even the most state-of-the-art security systems. This therefore increases the risk of sensitive data ending up in the wrong hands or becoming lost altogether.

Here are three key top tips to keep in mind when training staff to work securely, to help avert potential disasters:

1. Don’t forget the basics

Most companies will have a set list of IT-related rules they expect their employees to follow. Many of these expectations may seem fairly obvious though and not worth stressing.

But you could be surprised – what may seem self-explanatory to you, may not be to your staff. This is particularly the case for employees in entry-level positions, who could be in their first professional role and may well be computer literate, but may also have never worked in an office before and could be unfamiliar with following set protocols.

When training staff to work securely, it’s better to be safe than sorry and to start with the basics. For example, the importance of setting strong and hard to guess passwords, or of not losing work phones or laptops.

It’s not rocket science, but the messages are still essential ones. Just because they’re on page 43 of the employee induction handbook, doesn’t mean that staff will read it, or pay attention to it.

Training staff to work securely means covering the basics too and making sure that these are fully understood, just in case.

2. Location, location, location

As technology continues to evolve, so the number of locations for work documents increases.

Smartphones, tablets and laptops allow employees to continue working with ease away from the office, while personal cloud storage systems such as Google Drive act as a storage medium between all these different devices.

The problem is that with so much data being accessed outside the office and away from its IT systems, these documents become much more difficult to monitor and protect.

The rise and rise of the ‘bring your own device’ culture means that now more than ever, staff need to be made aware that they could be putting sensitive data at risk by storing it in a location away from the company’s servers.

Different companies will have their own rules about to what extent it is acceptable to store work documents away from their IT servers, but whatever the protocols are, they need to be communicated clearly when training staff to work securely.

3. Stay safe online

A key part of any business’ IT security strategy is to make sure that staff don’t commit risks while using the internet.

These risks include – but are not limited to – downloading potentially unsafe programs, visiting insecure websites, clicking on links in phishing emails and sharing sensitive information on social networks.

Some businesses have a blocked list of websites which cannot be accessed and require authorisation to download programs, while good spam email filters will block most unwanted messages.

Nevertheless, not all risks can be blocked entirely and employees need to be made aware how to stay safe online and what the potential threats are.

In summary: training staff to work securely

Employees need to know they must take great care with all company equipment, be consistent with where they save sensitive data and avoid potential pitfalls online.

These are just some of the key considerations but if you would like more information, or want to discuss our IT support packages please get in touch and we’ll be happy to have a chat.