Create Stronger Cyber Safety Policies
Even the most capable employee won't know all the cyber threats they face, so giving them strong policies to follow is a must. Set effective rules and guidelines to ensure that your employees know what's appropriate, and what isn't, when they're working online.
Establish a clear Internet usage policy
Your Internet policy should be specific about the types of online practices that are acceptable when using work computers, devices and emails.
- Restrict the types of websites that employees are allowed to visit to exclude those that could compromise your network. Consider implementing a web filtering system. Advise employees on what software is safe to install on their computers, and to seek permission when downloading new programs.
- Require employees to set strong passwords, change them every 90 days, and use different passwords for different logins.
Establish rules for using email safely
Creating a strong email policy will make it easier for employees to foil the schemes of cyber criminals.
- Restrict the amount of personal email sent using employee's work accounts. This will limit your business' exposure to online threats that come through personal contacts.
- Specify when it's appropriate for employees to share their work email addresses. Limit it to trusted contacts and organizations.
- Tell staff to avoid using the "@" symbol when posting a company email address online. Instead, use formatting such as "john at companyxyz dot com" so that spambots can't extract the email address.
- Prohibit employees from opening and responding to suspicious emails.
- Direct employees to avoid opening email attachments unless they're from trusted contacts and organizations.
Establish a strong social media policy
Using social media can give small businesses a leg up on their competitors. But it also presents a unique set of challenges. How should an employee use social media? How should employees represent themselves online?
Here a few pointers on avoiding social media headaches:
- Set rules on what kinds of business information can be shared online, and where.
- Prohibit employees from posting confidential and proprietary information.
- Create instructions on whether employees should use their work email to sign up for social media sites and newsletters.
- Set guidelines on the correct usage of company trademarks.
- Consider implementing a company social media policy. You can tailor yours based on the many examples that are available online.
- Date modified: