Having strong security controls in place is critical to every single organisation, however if they are too restrictive you’re likely to find your users attempting to circumvent them. On the other hand, if they are too weak you put them and your business at risk.

So here are a handful of tips on how you can work with your employees to build strong and appropriate security measures which don’t make them feel like a criminal.

Do

Do create, communicate and publish a clear set of security policies for employees to follow.
Do include a security workshop for all new employees.
Do provide regular updates on cybersecurity explaining new and common threats and how to avoid them.
Do provide an incentive programme for security compliance and understanding.
Do implement security monitoring, alerts and notifications of security breaches and threats.
Do implement 2-factor authentication.
Do create an incident response team and plan and make sure it covers all locations, including remote workers.
Do provide employees with 24×7 access to the cybersecurity team and encourage them to use it if they have any questions or concerns.

Don’t

Don’t punish employees for ignorance, education is the responsibility of the business.
Don’t overload employees with information on threats.
Don’t enforce draconian rules, employees with generally work around them.
Don’t restrict your employees from doing their jobs effectively by locking key systems down.

If you can think of any more, please drop us a line, we’ll be happy to include your suggestions.