Protecting company or customer data is an important skill for any professional. And it doesn’t matter whether you work in an office or remotely: there is always a risk of data leakage. To avoid causing problems for your employer and ruining your reputation, you need to follow basic cybersecurity rules.
General Recommendations to Consider
Let’s start with universal rules that will help reduce the risk of data leakage.
Keep your workspace organized. Do you write down passwords and other important information on stickers? Then don’t, for example, stick them on your laptop: there’s no telling what will happen when you decide to take a break. For the same reason, always put your gadgets in sleep mode when you’re away, and don’t forget to take your business notes with you (if you keep them on paper).
If possible, keep work and personal gadgets separate. In the office, employees often use corporate devices. But in remote work, it’s harder: not all companies provide gadgets in this format. If you work on a personal computer, laptop, or smartphone, be more careful with the apps and resources you use for yourself because, in this case, you risk not only your data but also the data of your employer. And don’t work on other people’s gadgets: their owners can later get access to your data.
Use antiviruses. In the office, you may not have to think about it. Often, the necessary programs are installed by security department employees. But if you work on your personal gadgets, you will have to protect yourself.
Consult with the company’s specialists. Find out who is responsible for cybersecurity and what guidelines are in place. Then you can rely on proven approaches rather than inventing your own.
Communication
The main thing to pay attention to here is what, to whom, and through which channels you write.
Double-check the recipient. This is especially important if you’re typing an email address manually or searching for a contact in messenger by nickname, first name, and last name, rather than by link. In such cases, it’s easy to make a mistake and accidentally send important information to the “wrong” place.
Try to use secure messengers. Of course, this isn’t always realistic. Often, it’s impossible to decide where to discuss work issues, since everyone in the company uses the same channel. But if there is such a possibility, offer something reliable.
For video calls, choose the right places. For example, it’s not a good idea to discuss tasks in a crowded café. But an office conference room, when there are no strangers in it, is fine.
Passwords
There are only a few rules here, but they significantly reduce your cybersecurity risk. First, don’t use the same password for multiple accounts. For example, if you have a particular password for your account at https://news.22bet.com/, it should be different for your Netflix page. If attackers learn it, you’ll lose access to services.
Second, avoid simple passwords. Sometimes such passwords are even offered by special programs, which is not safe at all. Many services have requirements for passwords: for example, use capital letters, numbers, or special characters. It’s also important to change passwords regularly, which will also reduce the likelihood of hacking.
And thirdly, enable two-factor authentication for important accounts (mail, messengers, etc.). Even if someone tries to log into your account using your password, a message about it will be sent to your phone number, and you can quickly change your password.
Data Storage
There are several options for data storage, and each has its own advantages and disadvantages. Let’s look at what the differences are from a cybersecurity perspective.
- Gadgets. You can store information on your work laptop or computer. It’s convenient if your colleagues don’t need access to it. In this case, the likelihood of a leak depends on how well the technique is protected. If you don’t download suspicious files and apps, use antivirus software, set passwords, and don’t leave the laptop unattended, the risk of leakage isn’t so high.
- External media (flash drives and hard disks). This is reliable if you follow the rules for protecting your computer and laptop. On the other hand, the media can be lost, and it isn’t immediately possible to find out whether someone has used the company’s data or not. Moreover, you can’t be sure of safety if you have to connect a flash drive or hard disk to someone else’s laptop because there may be malicious programs on it.
- Cloud storage. This is probably the most convenient solution, especially for collaborative work. But there are nuances here as well. Firstly, if the provider fails, access to data or even the data itself may disappear. Secondly, attackers can find the password for the account. And third, not all employees and partners follow cybersecurity guidelines, which also increases the risk of data leakage.
If the company doesn’t have specific rules, it’s likely that at least some of the information is stored in cloud services. In this case, follow all recommendations about passwords and make sure the gadget you are working on is secure. Furthermore, if the data is important, it’s better to access it via email address rather than a link. This way, only those who are authorized to see it will see it.
Malicious Links
To gain access to sensitive information, attackers often rely on the human factor. For example, they try to find out account details in a conversation, create phishing sites, and send emails with malicious links. The following rules will help you avoid getting caught:
- Check the address of the website before entering any data. Sometimes scammers make sites extremely similar to those of banks, mail services, etc.
- Install only official apps and updates from verified stores. This applies to software on all gadgets, even if you just check your email occasionally. This way, you are less likely to accidentally download malicious software.
- Don’t click on links from suspicious emails. For example, those that have landed in your spam folder or have an unknown sender. You should also treat messages from acquaintances carefully: if a colleague or business partner suddenly offers to click on an obscure link, write to him or her separately to avoid being hacked.
Social Media
The key here is to be careful about what content you post. Even if your job isn’t related to SMM and you just make a video about your day, documents, photos, and other confidential data may accidentally get into the frame. It’s also worth clarifying how the company treats work-related content on an employee’s personal blog: there may be restrictions on this.