Contact Us Today!   314.394.3001   |   info@andersontech.com
Anderson Technologies
  • Home
  • Services
    • Overview
    • Managed IT Services
    • Cyber Security
    • System Administration
    • HIPAA Compliance Services
    • Ransomware Protection
    • Hardware & Software Consulting
    • Cloud Computing Services
    • Web Design
    • Anderson Archival
  • Industries
    • IT Support for Accountants
    • IT Support for Dental Offices
    • IT Support for Financial Services
    • IT Support for Architects and Engineers
    • IT Support for Manufacturing
    • IT Support for Nonprofits
  • Learn
    • What Are the Biggest Mobile Security Threats of 2020?
    • What Are Mobile Security Best Practices?
    • Battle of the Brands: Microsoft’s Office 365 vs. Google’s Workspace
    • What Does a Firewall Do for a Network?
    • How to Maintain Security When Employees Work Remotely
    • How to Protect Your Data from Ransomware
    • Comparing Mobile OS
    • What Is Phishing?
    • How to Identify Phishing and BEC Scam Emails
    • What Is MFA And Why Do I Need It?
    • How to Reduce Risk and Secure Your Internet of Things Devices
  • Training
  • Resources
    • Free Ebooks
    • Webinar: Cyber Security at Home: Protecting Your Business & Family
    • Newsletter Sign Up
  • About
    • About Us
    • What Our Clients Have To Say
    • Careers
  • Press
  • Blog
  • Contact
    • Contact Us
    • Free Consultation
    • HIPAA Services Inquiry
  • Help
  • Menu Menu
Cyber Security Employee Training

Cyber Security Training for Employees: What Does Common Sense Mean?

January 3, 2018/in Data Security /by Anderson Technologies

The new year is here, and a useful resolution for every small business is training employees on how to stay safe online. Many small businesses rely on their employees’ common sense when it comes to password creation, email threats, and avoiding unsavory websites, but what exactly is common sense in cyber security terms? Someone untrained in cyber security techniques won’t have the same kind of common sense as someone steeped in the latest security threats and updates. That’s why formal cyber security training for employees should be an important part of every business.

Your small business can benefit from more in-depth cyber security training for your employees, and the best course of action would be to enlist the help of a local IT consulting company or your managed IT service provider. They are the experts and know what common mistakes can lead to trouble for your business and your bottom line. Regardless of who provides the training, there are a few key topics any instruction on common sense habits should include.

Secure Passwords

Passwords remain the most wide-spread form of identity verification on the internet, so how a user creates a secure password is important. For years, websites and apps demanded passwords of at least eight characters, capital and lowercase letters, at least one number, and a special character. Most people think they have a strong grasp of what makes a secure password. Unfortunately they’d be wrong, thanks to new cyber security guidelines.

Last year the National Institute of Standards and Technology (NIST) released the Digital Identity Guidelines. This report states that the current method of password creation is making passwords more predictable because people “have only a limited ability to memorize complex, arbitrary secrets, so they often choose passwords that can be easily guessed.” When a site enforces the letter, number, symbol requirements, people tend to make predictable alterations to that easily-guessed password, or they end up writing down the password in order to remember it. Neither option makes the password very secure.

The new guidelines suggest that users be allowed to make longer, more memorable pass phrases that are not easily guessed. Memorability is more important than complexity. Randomized passwords are still the strongest option, but may lack memorability. A password manager such as LastPass or Dashlane could be the best solution, allowing the user complex, randomly-generated passwords without the need for memorization.

Email

Emails are key to most phishing and spear phishing campaigns, so training your employees on this cyber security threat is crucial. Criminals hope to trick an unsuspecting user into clicking on a link or attachment that leads to or contains malicious content. Thankfully, common sense generally tells people not to click on a random link pasted into the body of an otherwise empty email, even if it comes from someone on their contact list. But, as with passwords, our understanding of common sense needs to be updated.

Spear phishing campaigns have become dangerously sophisticated, and knowing how to stay safe online means being skeptical of anything that feels a little off. Emails from companies about services you didn’t buy, unexpected closure of accounts, or missing information are all ways criminals lure you into clicking on a link in an email.

Teach your common sense to look beyond the layout and familiar logos. Spear phishing can often be identified by misspelled email addresses or country codes that don’t belong to the company. A user must be vigilant, as these changes are subtle and sometimes hidden by a name in place of an email address. Hover over the links or name to reveal the full address without clicking on it. Make sure to double check anything that doesn’t make sense.

Another way to ensure you’re not caught by a spear phishing attempt is to always go to a company’s website manually rather than from a link provided. Some criminals use links that send you to a fake mirror website to trick you into logging into your account. The criminal records your login information and then has access to the real account with you none the wiser. By choosing to go to your account from another tab or window without clicking the link, you can verify if something is actually wrong with the account without the risk of giving up your information.

Surfing the Web

Common sense for how to stay safe online starts with the business owner. Installing an enterprise-level firewall is the first and best defense against a cyber attack. These can often be configured to your business’s needs and block content you don’t want employees viewing on a company computer. Sites with disreputable content are prime targets for cyber criminals. Ensuring your employees never access unsafe sites will protect your company.

It’s also important to activate any “safe search” functions within your browser and on your anti-virus and anti-malware programs. This runs any site you search for through a list of sites known to be compromised. These sites can come up in any search without you realizing it. Criminals create websites meant to trick you into thinking it is a legitimate business and even hack into real sites. Safe search is another layer of common-sense IT protection.

These are just a few of the common sense procedures your employees should follow. For cyber security training and in-depth answers to common sense mistakes, turn to Anderson Technologies, a St. Louis IT consulting company that offers on-site training seminars for small businesses. Let our expert consultants teach you what to avoid to keep your business safe. Contact Anderson Technologies at info@andersontech.com or call us at 314.394.3001.

Contact Us

Tags: employee training, small business
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Reddit
  • Share by Mail
You might also like
ZeroDayThreats The Single Biggest Threat to Small Business Security: Zero-Day Threats
Save Money with Investment in IT Support Services for Small Business The End of the Tax Year Is Here: Invest in Small Business IT Support Services and Infrastructure
chaos-pixabay Network & Computer Audit for a Small Organization
IT Consulting firm The Surprising Ways an IT Consulting Firm Can Help Improve Your Business
Small Business for Small Business: An IT Partnership
SKY’s the Limit for Website Development

Newsletter Signup



Recent Posts

  • Byte-Size Tech: Insure Against Tech Disaster
  • Work From Home – Who’s Flipping to Hybrid?
  • Byte-Size Tech: Don’t Get Zoom-Bombed!
  • 5 Tips for Security-Conscious Zooming
  • Byte-Size Tech: Employee Training Can Make Or Break Your Cybersecurity

Seeking IT support and managed services?
Get a free consultation today.

Contact Us

  • Home
  • Services
  • Resources
  • About
  • Blog
  • Contact
  • Help
  • Privacy Policy
ATI Logo
Phone: 314.394.3001
Email: info@andersontech.com

13523 Barrett Parkway Dr
Suite 120
St. Louis, MO 63021



© - Anderson Technologies
  • Home
  • Services
  • Resources
  • About
  • Blog
  • Contact
  • Help
  • Privacy Policy
Equifax Hack Updates: What You Can Do NOW to Keep Your Credit Safe St. Louis IT Company Data Security Cyber vulnerabilities Meltdown and Spectre Don’t Have a Meltdown: Shedding Light on the Spectre/Meltdown Vulnerabili...
Scroll to top
We use cookies to understand how you use our site. Click Accept to confirm your approval of this, or learn more in our Privacy Policy. Accept Privacy Policy
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

SAVE & ACCEPT