NFIB

What Your Employees Don't Know Can Hurt You: Teach Them About Digital Security
04/ 18/ 2002

by Tamara Holmes

Are you sitting on a digital time bomb?

If your employees have no high-tech common sense, they might be putting your company at risk in a myriad of ways, says Dwight A. Campbell, senior information technology consultant for Information Engineering Services in Alexandra, Va.

There are certain basics that all employees should know about technology. But if an employer assumes his staff is already tech-literate, the company may be in for a rocky road ahead.

The list of potential threats is not a short one, but Campbell says the two biggest concerns are that computer systems will contract a virus or workers will give out sensitive company information.

Educate employees about computer viruses and tell them to use anti-virus protection software and to be careful of what they download, he says.

"Download from trusted sites--those you are knowledgeable about," Campbell says. "Only accept files from well-known vendors or people that you absolutely know and have confidence trading files with."

If your employees communicate with customers or business partners through email and Instant Messaging, they should be careful about information they give out. Sensitive business information should not be transmitted via email under any circumstances. And employees also should be careful that they don't put any information on their hard drives that may be damaging to the company at a later time.

"Everyone should be concerned about what's stored on a hard drive," says Campbell. "Files aren't as easily deleted as we often think they are. Most information--including sensitive data--can be recovered with the right software."

Competitors could get their hands on your business's blueprints. But that's not the only thing that should worry you. If your company gets into legal trouble, information can be subpoenaed, including the digital data that's sitting on your employees' hard drives.

Your employees' actions need not be the direct cause of all potential disasters. Rather, their negligence about a few basic issues could land your company in hot water.

The world of business can be a scary place, and not all competitors are ethical. According to an FBI study released in April, 90 percent of companies and government agencies surveyed said their computer networks had been broken into, but only 34 percent of them had reported the breach of security to authorities.

Employees can lessen the risk of having sensitive information stolen by using sensible passwords to log onto company networks and by changing those passwords frequently.

Passwords should not be easy-to-remember and easy-to-crack phrases such as a spouse's name, a pet's name or the word 'password.' Rather, passwords should be made up of both letters and numbers, if possible, making it harder for password-cracking software to figure them out.

Employees should be prepared for the possibility of computer failure. Should your company's network go down or an employee's computer crash, would information be lost forever? Not if your employees have a regular backup plan to copy and store data in a safe place.

Companies should distribute these basic tips to employees through written guidelines and hold educational sessions on digital literacy, says Campbell.

"The do's and don'ts of computing should be voiced as much as possible," he says.

Small Business Sound Off
Does this story hit home?  Share your story with us