We often share internet security tips with business owners, to help you safeguard both your network and your data. In turn, this keeps your customers and employees safe as well. But regardless of how many different safety protocols you implement, we continue to see one common mistake: Sometimes the rules are simply not enforced.
It is often said that a law that is not enforced is not really a law at all. The same can be said of company policies, when oversight and consequences are missing from the equation. There is really no point to creating safety protocol if those measures are not used consistently and faithfully.
We’re talking about policies such as (but not limited to):
- Requirements regarding password creation and regular changing of passwords
- Rules against sharing passwords
- Policies regarding non-employees to access the company’s network
- Guidelines on opening email attachments
- Rules regarding internet use at work
- …and so on
These policies are created to ensure network security, but they obviously won’t work if they aren’t followed. So, after putting together a security strategy, we recommend two more vital steps.
- Monitor employee internet use
- Regularly remind employees to change passwords and choose strong ones
- Encourage employee reporting of potential problems
- Restrict access of machines and accounts to essential employees only
Share potential consequences, and enforce them.
The potential consequences for breaking security guidelines should be clear, and communicated regularly via employee handbooks, email, meetings, and so on. Employees are much less likely to break a rule when they understand the potential consequences for both the company and themselves. And of course, those consequences must actually be enforced. A warning is sufficient in most cases, followed by potential termination for ongoing infringements, but the exact policies are up to you.
If you have further questions about creating a multi-faceted and well-rounded internet security policy, please give us a call at 888-RING-MY-TECH. We can help you secure your network, and show you the different vulnerabilities for which you should create clear and consistent guidelines regarding employee behavior.