A recent social experiment put out 200 USB flash drives in public resulting in concerning cybersecurity risks to devices including personal and employer computer equipment.
This social experiment was put on by CompTIA that is an information technology (IT) industry leader representing global interests of IT professionals and leading IT industry experts.
Their social experiment resulted in 17 percent of employees plugged the found USB flash drive into their device. Users then proceeded to engage in several potentially risky behaviors: opening text files, clicking on unfamiliar web links or sending messages to a listed email address. With the rise of cybersecurity threats, this is a clear indication of the growing issue organizations face with employees who practice unsafe cybersecurity habits and put your employer at risk.
Employees must be aware that the first line of defense is your employees and training. Unfortunately over 45 percent of 1,200 users surveyed stated that they do not receive any form of cybersecurity training at work or another 15 percent rely on paper-based training manuals. Training employees should be a priority on cybersecurity best practices.
Some other interesting facts regarding the survey and the importance of cybersecurity best practices:
- 94 percent of full-time employees regularly connect their laptop or mobile devices to public Wi-Fi networks.
- 69 percent handle work-related data while connecting to public WI-FI networks.
- 38 percent of employees use the same password for work and personal purposes.
- 63 percent of employees use their work mobile device for personal activities.
- 41 percent of employees do not know what two-factor authentication is.
- 37 percent of employees only change their work passwords annually or not at all.
How can you protect your business from these threats?
- Work with you IT department or IT consulting team to come up with company security policies.
- Implement a USB policy blocking employee access to the USB port. The port will still allow for devices to connect to the port however no data transfer.
- Implement a proper company password policy resulting in a mandatory password changes every 90-120 days. Also the password should be complex and cannot be reused.
- Consult with your IT consulting team and find a proper two-factor authentication to protect your business.
- Educate and train all employees on company IT policies as well as cyber security threats as they are your front line of defense to protect your business.
Our Complimentary Network and Security Assessment will give you a complete picture of your IT infrastructure including how your technology matches your business goals, gaps in security and how technology can help increase profits and productivity.