How to Be a Good Employee and Reduce Security Risks to Your Company
A major breach at Saks and Lord & Taylor allowed hackers to obtain sensitive consumer data. The culprit? A single employee who could have easily prevented it.
As more and more companies operate in a digital world, it’s imperative that employees understand how to handle sensitive corporate information appropriately. Recently, hackers were able to obtain five million credit and debit card numbers by breaching the security at both Saks, Inc. and Lord & Taylor. The result is a devastating hit for both organizations, but more tragic is how easily the situation could have been avoided.
The hackers were able to access the system of both retailers through an online phishing attempt in which an employee likely opened a malicious email or web link. With access to sensitive information, employees are one accidental click away from causing a detrimental disaster. Here are some tips on being the best employee at your organization and keeping company secrets safe.
Follow Best Practices to Avoid Phishing
Let’s begin by tackling the misstep that led to Saks, Inc. and Lord & Taylor taking such a hard hit. Phishing attempts happen when a malicious individual attempts to gain your trust to obtain sensitive information. Two conventional methods of phishing can include having you actively respond to what you believe is a safe email or merely manipulating you into clicking on a dangerous link.
When receiving an email, be sure to note where the message originated from. On a computer, use your mouse to hover over the email’s ‘From’ field to view the full email address of the sender. You can accomplish the same on your smartphone by tapping on the ‘From’ field with your finger. Carefully gauge if the name of the sender matches a known email address. Hackers will try to create fake, but eerily similar email addresses of your colleagues to fool you. If the name and known email address don’t match up, there’s a chance you could be the target of a phishing attack. Be sure to contact your company’s IT department for further instructions.
Securely Lock Your Mobile Device
The amount of information we carry around on our smartphones can be surprising. In addition to your personal information, there’s a good chance that you might have a corporate email account on your device. Or perhaps, you may have direct access to critical systems. For those reasons alone, it’s vital to protect your smartphone with a password or pin code. Avoid using memorable dates, repetitive patterns or other easily guessable information when securing your device.
Increase Your Device’s Security
It can be challenging to ensure your device remains wholly secure and unaffected by malicious malware – after all, we’re only human. Your best defense is using a third-party solution to keep an eye on your device at all times. An app such as dfndr security has an anti-hacking feature, which alerts you to malicious websites before you even click on a link. Helping yourself with some personal security can aid your professional life, and hopefully, your proactive steps will win you an “employee of the year” award.