Tech Tip: The Number-One Threat to Your Security Is …

You! And your employees. Like it or not, human beings are our own worst enemies online, inviting hackers, viruses, data breaches, data loss, etc., through the seemingly innocent actions taken every day online.

In most cases, this is done without malicious intent. But if you as a manager or an owner aren’t monitoring what websites your employees are visiting, what files they’re sending and receiving — even what they’re posting in company email — you could be opening yourself up to a world of hurt.

That’s because employees’ actions can subject the company they work for to monetary loss, civil lawsuits, data theft and, yes, criminal charges if they involve disclosure of confidential company information, transmission of pornography or exposure to malicious code.

One thing you can (and should) do is configure your firewall to document and monitor which websites users are visiting. Almost all enterprise-level firewalls have this ability built in; you simply need to configure it and monitor the reports. Your IT department or vendor can help you with this.

But it’s up to you to set the rules, write them into an Acceptable Use Policy, train employees on what is and isn’t acceptable and then get them to sign the AUP.

Alan Edwards, CISM, is chief information officer at Computerware, Inc., in Vienna, Virginia.

tagsAcceptable Use PolicyAlan EdwardsAUPComputerwarecybersecurityhackers