Key Cybersecurity Considerations When Onboarding New Employees

Key Cybersecurity Considerations When Onboarding New Employees

It’s a common misconception that the only threats to an enterprise’s security come from external actors. Whether intentional or not, 47% of organizational data breaches are the result of internal human error, such as a misplaced device or document. Moreover, some employees present an even larger risk than others. According to recent reports, younger employees are more likely to bypass security protocols that are viewed as an impediment to their productivity. When it comes to onboarding new employees, young or old, enterprises must have proper security awareness & anti-phishing training, in addition to a strong privileged access management solution, to guard against the different types of human error that could create security vulnerabilities.

Incorrect Delivery

According to Verizon’s data breach report, “misdelivery” – sending something to the incorrect recipient – is one of the most common causes of data breaches. With convenient features such as auto-complete in email clients and applications, sending confidential information to the wrong person has never been easier. For example, an employee at a UK National Health Service clinic revealed the information of over 800 patients who had visited HIV clinics by entering email addresses in the “to” field rather than the “bcc” field. With proper security awareness training and email security, employees can better understand the gravity of such security mistakes and learn what steps they should take to completely secure their processes.

Passwords

Generally speaking, users do not like using passwords – particularly strong ones. In fact, 123456 is consistently the most popular password in the world and over 40% of users use their email password for other services. Although not creating secure and unique passwords is a common mistake for many users, writing down and sharing passwords with coworkers are other ways they can be easily compromised.

To help prevent these problems, enterprises must have a strong privileged access management solution. As an integral part of any privileged access management solution, password managers should regularly change passwords and store & encrypt them to be disclosed only to admins or programs in which the passwords are required. Additionally, password manager technologies should be customizable, include comprehensive platform coverage and allow the extension of authentication security with hardware security modules, smart cards, USB tokens and more.

Patching

Vulnerabilities in computer programs and mobile applications are common. When vulnerabilities are discovered, software developers race to patch them and send updates to users. Users should immediately implement software updates. By delaying software updates, users leave their systems open to be exploited by cyber criminals who know the exact exploit to look for. The 2017 WannaCry ransomware attack, for example, impacted over 200,000 windows users. The hackers used an exploit known as “EternalBlue,” which had been patched by Microsoft months before the attack. With proper security awareness and anti-phishing training, the 2017 WannaCry attack could have been completely avoided, as users would have better understood the importance of frequent software updates.

Many accidental employee security errors could have been avoided with proper training and awareness. It’s incredibly important to reduce employee’s opportunity to commit errors in enterprise cybersecurity. With strong email security, security awareness training and privileged access management, enterprises can be fully-educated and have the automated tools needed to ensure cybersecurity best practices are in place.

Related Insights

Email Phishing Training and Anti-Phishing Tools Matter Most Before the Holidays
May 25, 2022

It’s Time to Think Out-of-the-Box About Cybersecurity

“I could end the deficit in 5 minutes. You just pass a law that says anytime there is a deficit of more than 3% of GDP, all sitting members of Congress are ineligible for re-election.” - Warren Buffett

Email Phishing Training and Anti-Phishing Tools Matter Most Before the Holidays
May 13, 2022

Is Your Email Security Built to Withstand Determined Intruders?

We take great care to safeguard our homes and valuable assets with numerous methods of defense. We employ layers of protection, with double locks on external doors, alarm sensors on windows, strategically placed motion-activated cameras and signs in the yard to deter intruders.

Are You Still Falling for These Cybersecurity Misconceptions?
February 04, 2022

Are You Still Falling for These Cybersecurity Misconceptions?

We currently live in a cultural climate of escalating misinformation, spurious ideations, and fomenting conspiracy theories. Pick a topic - health, finance, politics… Brittany Spears - and you’ll unearth a plethora of factual distortion and false beliefs. The Covid-19 pandemic and subsequent vaccination program continues to be fraught with conflicting confabulations and political media manipulations. It’s hard to know what to trust, where to place your faith, or how to attain a sense of security. And security, on a personal and business level, is a core primary concern. Relying upon inaccurate information or outdated myths could lead to devastating consequences.

Contact Details

Contact RevBits

Message icon Request a Demo