There is still a deep gap between the importance and actual implementation of security awareness measures in the home office. The Corona period should be reason enough to finally anchor the issue of awareness centrally in the organization. In order to protect yourself against viruses and other attacks in the digital world, our protection formula helps to print out.
Need
for Clarification in The Home Office
There's no telling yet when
we'll be able to return to the office. The home office will continue to be
normal. But what about cybersecurity? More recent studies speak for themselves : 81%
of all employees complain that they have not received any
specific guidelines or training on cybersecurity for working from home.
And that with increasing risk in the home office :
According to a survey
by OTRS among 500 IT managers, 80% have clearly increased
concerns about IT security. Not only on the technical side such as IT
configuration and support, missing incident response processes, but also on the
human factor.
If there was no concept to
sensitize employees before Corona, it cannot get better during Corona, or it
takes time to be readjusted.
IT Security Has to Get out Of the Corner
Basically, it is essential to
place IT security at different decision-making levels in the company and to
establish these as elementary standard processes in
the company. IT security is not exclusively part of the IT department of
an organization, as long as the human factor is involved in the IT security
process.
We need campaigns in
organizations. Not only selectively, but as an established standard
process that makes cybersecurity transparent and repeatedly addresses and
values the actions of people and the support of employees.
During the Corona period, we
all saw: In times of crisis, all energy flows into coping with this special
situation and there is little or no time to think carefully about the need to
raise employee awareness.
If IT security does not “run
along” subconsciously with people, nobody can be asked to act carefully in
extreme situations. Only when awareness is subconsciously present can people fall back on
these skills at any time in exceptional situations - but also in everyday life.
Knowing - Understanding - Acting
However, we do not achieve
this status through individual employee training courses, but rather through specific, targeted campaigns that
shape the everyday work of employees and become part of it. The following
points play a key role for success and should be the subject of an awareness
workshop :
§ Campaigns or programs identify the topics
that have the greatest influence on the framework conditions and requirements
of the organization.
§ The
program goes beyond an annual measure and takes into account recurring awareness measures spread
over the year .
§ The
content of the measures is conveyed specifically
to target groups and according to didactic
standards , so that behavioral changes at work, at home and when
traveling are encouraged.
The focus must be on
strengthening the self-efficacy of
people in companies and making it clear that everyone can make their
contribution to IT security. There are no software updates or firewalls
for social engineering, which is why the topic plays a special role in IT.
Security Awareness in The Home Office with PPAKMAS!
And this is where a “midnight
formula” of IT security awareness can come into play. In the meantime we
all know the “ AHA + AL
formula ” against infections: distance, hygiene, everyday mask, as
well as a warning app and regular ventilation. Together,
these easy-to-implement measures have a major impact.
With
the PPAKMAS formula we provide you with the counterpart for the digital world. So you are on
the safe side in the home office!
P (1) Like Password Manager
Use secure passwords that are different for each
account . A password
manager supports you and prevents a dangerous "mess of
paper".
P (2) for Patch Me if You Can
With regular security
updates, you close possible gateways for attackers. Applying patches
strengthens your
digital s protective shield and should therefore be carried out
promptly.
A for Hanging Up
Suspicious callers request
information about sensitive data, apply pressure or even urge you to make
transfers? Our colleague recently experienced a
fraud attempt himself
and reacted confidently. Take a deep breath and don't be caught off guard. Hang
up if you feel uncomfortable.
K Like to Know Contacts
Do you even know your safety
officer? Do you know where to report suspicious emails or calls? Do
not wait until you get into an emergency situation, but find out about your
contact person in advance.
M for Mails Pattern!
Warning signals such as a
wrong sender address and other inconsistencies should sound the alarm bells for
you. Scary corona mailings are currently circulating more and more. Put
it in the trash and if possible: report it.
A for Distance or Switching
Off!
There should be a strict
distance requirement between third-party devices and company computers. Unknown
USB devices such as sticks or gadgets are well-known sources of danger . But don't
forget to switch off your new roommates and smart eavesdroppers Alexa & Co.
S for Lock
As trivial as it sounds, lock
your screen when you move away. It should be clear to children that your
company computer is neither a toy nor a charging station. The general rule
is: If you separate personal and professional life, you are on the safe side.
Note: use authorised antivirus software to keep yourself safe.
No comments:
Post a Comment