Get All Access for $5/mo

4 Things Your Employees Are Doing Right Now That Are Compromising Your Network Just because you know cybersecurity, doesn't mean your employees do.

By Jennifer Spencer Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

In today's digitally connected world, your team has the unprecedented ability to quickly get the tools and information they need to streamline their work. But with all of that accessibility comes new risks to your cybersecurity. Malicious individuals are eager to gain access to the confidential information housed in your company's networks — and your employees can be an all-too-easy target.

Case in point: research from Stanford University and Tessian reveals that 88 percent of business data breaches are caused by employee mistakes.

Without sound cybersecurity training, your employees are likely going to continue making mistakes that have the potential to compromise your data — and your clients'. Understanding what they are doing wrong and setting things right is essential.

1. They're falling for phishing emails

Phishing scams are perhaps the most widely known example of how employees can compromise your network. These occur when an employee receives what seems to be a legitimate email asking them to click on a link or to provide certain information.

Unfortunately, simply clicking on a link could be enough to bring malware into your network. Employees must receive training to understand what these emails look like so they can send them to the spam folder where they belong.

As Steven Price notes in a blog post for Tech Rockstars, "The challenge is that phishing emails have gotten harder to spot. Scammers can spoof legitimate web addresses. They can make fake emails look like the real deal. But there are still plenty of minor details that indicate the e-mail is a fake. […] Training helps employees identify red flags."

Continues Price, "But more than that, it helps them identify changing red flags. For instance, a phishing email from 2010 looks nothing like a phishing email from 2020. Scammers stay ahead of the curve. They know the trends, and they know how to adapt. Your employees also need to know the trends and need to be ready to adapt."

Related: 5 Types of Employees Often Targeted By Phishing Attacks

2. They're doing work activities on an unsecured network

The rise of remote work has certainly benefitted employees and businesses by offering increased flexibility and reduced overhead. Unfortunately, the networks they use to access the internet may not be as secure as what you have in place in your office.

When an employee uses an unsecured wi-fi network (such as at a coffee shop or airport), hackers can easily intercept login information and other sensitive data that is transmitted via this connection. This includes emails, instant messages, bank account data — anything that the employee accesses while using this network.

Businesses must ensure that their own networks are fully secured, and provide strict instructions to employees regarding which networks they connect to for their work-related activities.

3. They're using outdated software

Most companies use a broad range of cloud computing tools, such as CRM software or logistics tracking. Most also use programs for word processing, accounting and other vital activities. Even for programs that don't seem to depend too much on the internet, ensuring that all software is fully up to date is crucial for preventing security breaches.

The reason behind many software updates is to address new security vulnerabilities that have been discovered. Failure to update software can leave loopholes that hackers can use to access the information being stored by your business. Similar issues can also result from using outdated hardware. Eventually, the hardware manufacturer will stop pushing updates for old equipment, leaving it vulnerable to security threats.

Ensure that your network administrator is keeping all software up to date. Remember that the cost of replacing old hardware will ultimately be much less than if you were to suffer a data breach.

Related: 5 Essential Considerations You Need to Make Before Investing in New Technology

4. They don't have good passwords

Easy-to-guess passwords (like "password" or "123456") are never a good idea — especially if your employees are using the same passwords for their work and private accounts.

As Clifford Colby and Sharon Profis explain in an article for CNET, "It's worth repeating that reusing passwords across different accounts is a terrible idea. If someone uncovers your reused password for one account, they have the key to every other account you use that password for. The same goes for modifying a root password that changes with the addition of a prefix or suffix. For example, PasswordOne, PasswordTwo (both bad for multiple reasons). By picking a unique password for each account, hackers that crack into one account can't use it to get access to all the rest."

Strong passwords use a mix of upper and lower case letters, numbers and special symbols. They should avoid using common words or phrases, as well as personal information that someone else might know.

A random combination of characters can be quite effective, even though your employee might need to write it down somewhere safe to remember it. Requiring strong passwords for business accounts and implementing two-factor authentication will help prevent easy breaches.

Are you helping your employees stay safe online?

Surveys indicate that 43 percent of workers don't receive regular cybersecurity training — and an additional eight percent have never been trained. This poses a major risk to your business, especially as phishing and other cybersecurity threats are becoming more prevalent and more sophisticated.

By ensuring that your employees know what to do — and what not to do — online, you can have greater confidence that their actions aren't putting your business at risk.


Jennifer Spencer

CEO of Energent Media

Jennifer Spencer is the founder of Energent Media, a digital marketing firm for tech startups. She is passionate about helping brands leverage content to share their stories with the world.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business Solutions

Increase Productivity with This Microsoft 365 Subscription, Now $25 Off

It can make the entrepreneur life a lot easier.

Business News

Apple Pay Later Is Ending. Here's What's Taking Its Place.

The program was available for less than a year.

Leadership

This Artist Answered a Businessman's 'Powerful' Question — Then His Work Became 'the Poster Child for Juneteenth': 'Your Network Really Becomes Your Net Worth'

Reginald Adams was the executive director of a Houston-based art museum for more than a decade before he decided to launch his own public art and design firm.

Leadership

Harvard Business School Professor Says 65% of Startups Fail for One Reason. Here's How to Avoid It.

Team alignment isn't nice to have -- it's critical for running a successful business.

Business News

Here's What Companies Are Open and Closed on Juneteenth 2024

Since it became a holiday in 2021, Juneteenth has been recognized by some major corporations as a paid day off.

Growing a Business

I Hit $100 Million in Annual Revenue by Being More Transparent — Here Are the 3 Strategies That Helped Me Succeed

Three road-tested ways to be more transparent and build relationships that can transform your business — without leaving you feeling nightmarishly over-exposed.