It doesn’t take sophisticated hackers to access business computers when employees leave the digital door open, and even invite intruders into your office. The nice lady you hired to answer the phone may not recognize the danger of logging on to play solitaire between calls, and that temp working in bookkeeping may be downloading sensitive customer data right now!
Do you know what your employees are doing on workplace connections to the Internet? Does your IT professional recognize potential threats and build protections against these threats?
Take a look at what employees could be doing on work computers:
Many people love Facebook® and other social media sites. Twitter®, Facebook, LinkedIn®, Pinterest® – there are lots of social media sites for your employees to visit during slow times during the work day. Some even create social media accounts on your company computers. This is like handing them the office keys.
Make it clear to employees that social media is not part of their job descriptions and they should avoid logging in to any social media website from a work computer.
Cyber-bullying is a growing problem. It’s easy for employees to bully co-workers using your workplace computers. And a manager who threatens an employee with punishment, employs name-calling, publishes malicious statements, or uses intimidation by office email is not acting appropriately in the workplace and could expose the company to legal action.
Your employee manual must clearly explain the company’s no-tolerance position on cyber-bullying. It shouldn’t happen in the workplace, but it does.
Shopping online is a breeze, especially when you do it during the work day – when you should be working. Online transactions can make you vulnerable to hackers. They’re also attractive targets for sophisticated hackers looking for names, addresses, Social Security numbers, account numbers, passwords – everything the bad guys need to create a fictitious “you” online.
Your office IP address is the address of record as hackers swap and sell your access codes to the highest bidder. Think back over the retailers and service providers that have been hacked in the past few years – and they probably have top-tier IT professionals. Make sure employees know not to use work computers to shop online.
Playing games. Candy Crush and similar games may be addictive and waste time. In addition, when employees download the game, they download tracking software (cookies) that can provide easy access to your digital business information and may put records in the hands of hackers.
Creating personal accounts. It’s easy to create a password-protected account that even the business owner can’t access. Employees may create personal accounts on business computers for online gambling websites, porn sites, and websites they don’t want showing up on their home devices.
Some employees create secret email accounts so certain messages are never seen on the main computer. A separate email account – one you don’t even know about – can compromise much of the digital security you’ve put in place, simply by connecting to a hacker who now has an email address stored on your office computer. All it takes is one secret email account and a downloaded virus to convert critical company data into digital gibberish.
Ignoring online threats. A lot of employees won’t recognize a threat. Those who do may feel they’ve solved the problem by deleting the file, but the file is still on the hard drive waiting to launch an attack on your company server.
How to Make Office Computers Safer
o Train your staff in the basics of Internet safety. For example, never open an email or an email attachment from an unknown sender.
o Create company policies, in writing and reviewed by legal counsel, describing acceptable and unacceptable use of business computers.
o Hire an IT consultant to review current employee practices and network configuration to identify weaknesses and opportunities to bulk up your company’s computer security.
o Increase the spam filters on work computers to the maximum, using the Control Panel function of your operating system.
o Install key logger software. This software logs every keystroke of every employee every day, so you know where employees go. Be honest with employees and tell them about the software and why it’s been installed. This will help solve many of the problems listed above.
o Create customized permissions to various office accounts. The business attorney may need full access; the warehouse manager just needs inventory data. Don’t allow access unless that employee needs access. This can help prevent employees from downloading critical business information like patents, strategies, bids and contracts, to a flash drive and walking out the front door with your best-selling product specs.
You’ve worked hard to build a business – and it’s all there on the office server hard drive.
Don’t let a careless or malicious employee steal what you’ve built.
The information provided is presented for general informational purposes only and does not constitute tax, legal or business advice. Any views expressed in this article may not necessarily be those of Nevada State Bank, a division of ZB, N.A.