The Top 5 Things Your Employees Should Know About Information Security

Aside from your IT staff, most of your employees probably aren’t information security-savvy. As a result, you have to make sure they’re armed with tools and strategies for protecting your organization’s information. Here are the top five things they should know about information security.

1. A Clean Desk is More Than Just Being Organized

Workspaces cluttered with files also present information security risks. Sticky notes and documents containing confidential information should never be left unattended in work areas. Encourage your employees to return files to locked cabinets as soon as they’re finished with them. Use a shredding and destruction service to ensure that no longer needed paperwork gets deposited into locked collection containers for professional shredding.

2. Public Wi-Fi Networks Aren’t Secure

Hackers often take advantage of public Wi-Fi networks to gain access to sensitive information; a real risk to employees who work remotely or on-the-go. Many companies require their employees to use a company VPN network for internet access. A VPN encrypts all transmitted data for secure wireless communication.

3. Mobile Devices Are Easily Stolen

The laptops, smartphones and other mobile devices issued to your employees are favorite targets of data thieves. One stolen mobile device can compromise your entire organization. Make sure your employees are aware of the risks of leaving company issued devices unattended in the following areas:

• Cars, taxis and rental vehicles
• Hotels and conference rooms
• Offices and restrooms

4. Complex Passwords Make A Difference

Passwords are used to prevent unauthorized access to applications containing sensitive information. But all too often, employees use passwords that are too predictable or the same password for multiple applications. Encourage your employees to use passwords that contain:

• Upper and lower case letters
• Numbers and special characters
• At least 14 characters

For added information security, require your staff to change passwords for each application at least every six months.

5. Deleted Data Isn’t Gone Forever

Information can still be extracted from devices you think are wiped clean. Consider this scenario: An employee decides it’s time to upgrade the USB drive she’s used for the past few years. She deletes the files from the drive and tosses it in the trash. Days later, the “deleted” data is compromised and your company has a privacy breach.

This scenario can be avoided with an information destruction policy that utilizes a hard drive & media destruction service. A hard drive & media destruction service grinds media into small pieces so sensitive data cannot be compromised.

Your employees don’t need to be information security experts; they just need to know the right strategies for protecting your company’s data. The five points outlined above are a great place to start for ensuring that data is protected and secure.

Records Management Center offers records and information management services for businesses throughout Augusta, Evans, Thomson, and Martinez, GA, and Aiken, SC and the Central Savannah River Area. For more information, please contact us by phone or complete the form on this page.