Cybersecurity tends not to be top of mind for most people as they ease into the Christmas season. Except for cybercriminals, that is. For them, given that holidays mean limited staff and resources, the Christmas season is like, well, Christmas. Guards are down, online shopping is up, which is a dangerous breeding ground for laziness and complacency: two things that these bad actors are counting on.
If only that creativity-requiring Christmas favorite, the Elf on a Shelf, could be used to monitor cybercriminals at this time of year, rather than potentially misbehaving children. But since it can’t, employers can step in. Not to creepily perch themselves in precarious situations in their employees’ houses to watch over them and their families. No, that would be wrong. Where they can provide value though is by sharing these holiday cybersecurity tips to help keep their team members safe and secure, cyber-wise, during these coming weeks. Consider it as our gift to you this holiday season.
Keeping Your Employees Cybersafe This Holiday Season
In addition to simply wanting your staff members to avoid the headaches, and even devastation, that accompany victims of cybercrime, today’s employers have even more reason than ever to want their employees to adopt top-notch cybersecurity best practices. In these times of hybrid and remote work environments, many organizations have adopted a Bring Your Own Device (BYOD) work policy in which employees can use their personal devices for work purposes. While BYOD is convenient for employees and can result in cost-savings for employers, it does present some significant security vulnerabilities for organizations. All the more reason to ensure that employees are being cyber smart on their devices, devices that may have access to your sensitive organizational data.
Doing e-Commerce Right
Online shopping has grown like crazy in recent years. Americans spent over $200 billion on online holiday shopping last year, and 60% of holiday shoppers prefer online purchasing over visiting a retail store. It’s safe to say that your employees will be indulging in some online shopping this month. And e-Commerce has the ability to be rife with cyber vulnerabilities.
Here are some strategies to share with your staff for a safe (and fun) online shopping experience:
- Before picking out that perfect gift, be sure that all internet-connected devices ‒ including PCs, smartphones, and tablets ‒ are free from malware and infections by running only the most current versions of software, web browsers, and other apps;
- Only use secure wi-fi for online purchases – using free public wi-fi to shop online while at your favorite coffee shop is tremendously convenient, but it is not cyber-safe;
- Monitor your online financial accounts regularly for suspicious spending, and take advantage of the text and email alerting services that many banks and credit card companies now offer; and
- Shop securely – not only should you make sure your internet connection is secure, but also check to make sure you’re shopping on a site that uses SSL protection (by looking for HTTP is the URL, sites without the ‘s’ in HTTPS are not safe to submit payment information or other personal details).
Protection Against Identity Theft
Identity theft is not a fun thing to go through. And you definitely don’t want your hard-working employees to kick off the new year by being a victim of this invasive cybercrime. The best protection against identity theft is ensuring that your employees have proper log-in credentials for all devices. This means creating long and unique passphrases for all accounts (password or 123456 just won’t cut it) and having them use multi-factor authentication wherever possible.
Phight the Phish
Phishing is a form of social engineering in which cybercriminals attempt to trick their target victims into disclosing personal information, such as account numbers or passwords. At first glance, phishing might seem like something that only a fool would fall for, but these cybercriminals are shockingly savvy at replicating legitimate emails and messages. This is why 74% of phishing attacks that were targeted at American businesses in 2020 were successful.
So, how can you avoid having your organization fall into that 74% group? Educate your employees to:
- Be wary of offers that are too good to be true – no matter how tempting they might be;
- Buy only from trusted and established online retailers and avoid websites of retailers they’ve never heard of;
- Think before they click – grammatical and spelling errors, inconsistencies in email domain names, threats, requests that are urgent in nature, are all signs of phishing emails; and
- Avoid opening emails from unknown senders or clicking on links in suspicious messages.
General Cybersecurity Strategies for Remote Workers
During the holidays, and all year long, employees should take special care when accessing company systems externally. If your organization uses a secure VPN, employees should be instructed to use only it and no other.
Employees should also be encouraged to address the security of their home networks. Personal computers and devices are an easy way for attackers to gain access to networks. Ensuring employees have passwords to home routers and the proper firewalls lowers the chances of an attack.
And finally, if an employee suspects an attack on their home system, they need to report it immediately. Oftentimes employees fail to do so for fear of reprisal, but containing and investigating the situation, sooner rather than later, is critical
Confirm that Your Cybersecurity Practices are up to Par
While all of the above-noted strategies are an excellent start for ensuring your organization’s cybersecurity, the best way to guarantee that your company is cyber safe is to work with the experts.
Grapevine MSP is Bakersfield’s leading IT Managed Services provider and cybersecurity specialists. Treat yourself to some complete peace of mind this holiday season with the gift of cybersecurity from Grapevine MSP