Frustrated by IT?

Book a free consultation to see how we can help

Confused by the Cloud?

Book a free consultation to see how we can help

Struggling to manage your data?

Book a free consultation to see how we can help

Engage IT Services

Keeping IT simple, we engage with you to provide the right solutions for your business.

User Awareness & Security Culture

by | Oct 12, 2023 | Cyber Security Awareness Month, Security & Compliance

First Published: 12/10/2022

Cyber Security is not just about implementing technical measures and controls to secure your data, a business should instil a culture of security awareness in all its staff. Data security should be seen as everyone’s responsibility.

Policies & Procedures

All businesses should have clear policies and procedures in place to address areas such data classification and handling, password and access control and Acceptable Use. This ensures your staff understand how data should be stored, accessed and shared and what they can do to reduce the risk of a security breach.

Security Awareness

The recent gov.uk Cyber Security Breaches Survey shows that in 2022, 39% of UK businesses identified a cyber-attack. Of the 39% of UK businesses who identified an attack, the most common threat vector was phishing attempts (83%).

Phishing is where a fake email is sent out to look like it comes from a reputable source such as Microsoft, Google, your bank etc asking you to access a link to update information, change your password so that the cyber criminals capture your login details.

Unfortunately, these emails can look quite convincing, but there are some quick checks you can do to verify the email:

  • Ignore the display name and double check the sending email address; often the domain being used is a different spelling variation that at first glance is not always noticed.
  • Check spelling and grammar; these are often poor in phishing emails.
  • Hover over hyperlinks to see the real URL the link will take you to, the display text of the link may look genuine, but the actual hyperlink could be completely different.
  • Lastly, don’t click the link. If the email is notifying you of an issue with an account, asking you to change your password etc; login in directly to that account online as you normally would to check for any issues.

If you do receive a phishing email that you are suspicious of, make sure you report it and warn your colleagues of the risk. Don’t forward the email, take a screenshot and send that, then delete the email.

Engage IT partner with Custodian 360 to provide ongoing Security Awareness Training and Simulated Phishing for you and your staff. This provides regular monthly online training and phishing simulations to check your staff’s security awareness and provide tailored training. Find out More

Physical Security

Physical security measures are just as important as technical measures. Having a secure complex password is great, but leaving it written down on a sticky note stuck to your monitor or in an easily accessible notebook is not so secure. Get in the habit of putting your screensaver/screen lock on when you leave your desk. Any hard copies of confidential/personal documents should be stored in lockable filing cabinets and those working with sensitive data should operate a clear desk policy.

Get in Touch

Complete our contact form and we will get back to you as soon as possible.

Or call 03333 057577

Give us a call for an informal chat to discuss your requirements and arrange a complimentary consultation.

Providing IT Services & IT Support for Small Businesses & Charities in Hampshire, Surrey & West Sussex.

Keeping IT simple, we engage with you to provide the right solutions for your business.

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from Engage IT.

Website

You have Successfully Subscribed!

Pin It on Pinterest