8 Cybersecurity Tips Your Employees Need to Know

Every Government agency needs to teach their employees basic cybersecurity tips

Your Government agency is in danger.

Sam Kim, the Chief Information Officer of Clark County, told Government Technology that “Local Governments are attractive targets [for cybercriminals]…regardless of how big or small you are, you need to be vigilant.”

These remarks underscore the necessity of actionable cybersecurity tips, advice, and knowledge that so many agencies lack.

But it’s not you – IT professionals – that are lacking in this knowledge.

It’s everyone else.

The end user is the most dangerous IT security liability in your agency.

The IBM Security Services 2014 Cyber Security Intelligence Index report found an incredible and disturbing trend:

Of nearly 1,000 clients in 133 countries, over 95% of all cybersecurity incidents involved “human error” as a contributing factor.

According to the report, “The most commonly recorded form of human errors include system misconfiguration, poor patch management, use of default usernames and passwords or easy-to-guess passwords, lost laptops or mobile devices, and disclosure of regulated information via use of an incorrect email address.”

With Cybersecurity Awareness Month beginning in 2 days, it’s the perfect time to help your co-workers brush up on their IT security knowledge.

8 Cybersecurity Tips for Protecting Your Agency

Here are 8 cybersecurity tips that you can use to help the end users in your agency recommit to cybersecurity best practices.

We’ve also included a few ideas on how you can educate your employees on these tips to help you create a basic program for educating, training, and encouraging everyone in your agency to play a proactive role in protecting your organization from cyberattackers.

Create Strong Passwords

This is an essential cybersecurity tip for people who don’t quite understand the nuances of IT security and the risks of an easy-to-hack password.

Let them know that one of the most powerful security organizations in the world, the Department of Homeland Security, specifically suggests these tips:

  • Never use your name, or the names of your kids or pets, or any other easily findable information about yourself
  • Don’t use common passwords
  • Break up your passwords with numbers and symbols like @, !, #, 1, 9, etc.
  • Always use a combination of lowercase and uppercase letters

You should also consider implementing a “password change policy” that mandates a routine password change every 45-90 days, with an explicit rule against using the same password over and over again but with a different number or character at the end (we’re sure you’re well aware of THAT guy).
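The rules above, including the ban on reusing a password with only its ending changed, can be checked at password-change time. The following is an added example, not code from the original article; the function names, the small deny-list and the sample passwords in the comments are constructed for illustration, and it assumes the user supplies the current password during the change so the two can be compared.

```python
import re

# Constructed sample deny-list; a real deployment would load a far larger one.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome"}


def _stem(password: str) -> str:
    """Lowercase the password and strip trailing digits/symbols, so that
    'Harbor!Tide7' and 'Harbor!Tide8#' both reduce to 'harbor!tide'."""
    return re.sub(r"[^a-z]+$", "", password.lower())


def check_new_password(new: str, current: str, personal_terms: list[str]) -> list[str]:
    """Return the list of rule violations; an empty list means accepted.

    personal_terms holds names the user should not build a password from
    (own name, children, pets), as the tips above describe.
    """
    problems = []
    lowered = new.lower()

    # "Don't use common passwords" (also catches 'Password1', 'Welcome!').
    if lowered in COMMON_PASSWORDS or _stem(new) in COMMON_PASSWORDS:
        problems.append("common password")

    # "Never use your name, or the names of your kids or pets".
    if any(len(t) >= 3 and t.lower() in lowered for t in personal_terms):
        problems.append("contains personal information")

    # "Always use a combination of lowercase and uppercase letters".
    if not (re.search(r"[a-z]", new) and re.search(r"[A-Z]", new)):
        problems.append("needs both lowercase and uppercase letters")

    # "Break up your passwords with numbers and symbols".
    if not re.search(r"[^A-Za-z]", new):
        problems.append("needs a number or symbol")

    # Same password again with a different number or character at the end.
    if _stem(new) == _stem(current):
        problems.append("same as current password with a different ending")

    return problems
```

The comparison with the current password only works at change time, when the user has just typed it; stored password hashes cannot be compared this way.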

Lock up All Your Devices Whenever You Leave Them

When your employees leave to take a lunch break, go to the bathroom, or go home at the end of the day, you need to make sure they always remember to lock their computer, tablet, phone, or other device that stores sensitive information.

The few minutes it takes for them to grab a snack or smoke a cigarette is all the time a malicious insider needs to steal valuable data.

There are 2 things you can do to get your employees in the habit of locking their machines:

You can play the “Donuts Game” and/or you can encourage “Goating.”

Both are humorous, fun, and effective ways to get everyone involved in identifying bad security practices.

Be Aware of Phishing Emails

This is an essential and easily forgotten cybersecurity tip:

Be hypervigilant regarding your email and links in your email – you might be getting “phished.”

You have to repeat this over and over and over again to people who don’t live and breathe cybersecurity.

Educate your employees about phishing and tell them that it’s one of the most common email scams out there.

Let them know how it works:

  • The “phisher” poses as a legitimate business, agency, or person and sends you a spoofed message.
  • The message is usually urgent, and the sender will almost always ask you to click on a link to resolve the issue.
  • Once you click on the link, it will either install malware on your device or send you to a spoofed website that steals the information you input into it.

And let them know how to avoid being phished:

  • Double-check the sender to verify it’s an email address you recognize.
  • Look for blatant and consistent spelling errors in the body of the email (this is a hallmark of both spam and phishing emails).
  • Contact the sender directly, either in person or by phone, to verify that they actually sent you an email.

Install an Antivirus

We know some IT security experts don’t use antivirus, while others argue that antivirus is still important.

One thing we can all agree on is that the end user absolutely needs an antivirus because they’re far more likely to engage in riskier behavior than you are.

The 2017 Government Internet Security Threat Report offered a staggering statistic that you could pass on to your employees:

The number of detections of ransomware increased by 36% from 340,000 in 2015 to 463,000 in 2016.

Bottom line:

Don’t allow your employees to work on their machines without the antivirus running, and make sure it’s set to update automatically.

Use a VPN

Set up and strongly encourage the use of a VPN.

Let your employees know how critical a VPN is to their security and safety, especially when accessing data remotely.

Enforce a policy that simply states “every employee must access the company’s network using their VPN.”

Enforce Strict Access Privileges

Your staff should only have access to information that they need to access in order to perform their job functions.

Any access beyond that point puts your agency at risk.

Financial data, other employees’ data, official information, etc. should only be accessed by particular team members and managers.

Use access control on your organization’s intranet, on commonly used software, and on any other work-related programs.

Develop a Disaster Recovery Plan

A disaster recovery plan (DRP) is a set of procedures and resources to control the fallout of an unexpected attack, accident, or disaster.

A good DRP eliminates guesswork and enhances your team’s response effectiveness during an emergency.

To develop a solid plan, make sure to:

  • Take inventory of all your hardware, software, devices, and data
  • Ensure everything is consistently being backed up
  • Ensure you have the appropriate hardware and software required to perform a backup if needed
  • Assign a project manager to oversee the creation and maintenance of your DRP
  • Test your plan regularly to ensure it can appropriately respond to unexpected threats
  • Get your whole team involved in creating and executing your DRP

Provide On-Going Cyber Security Training to Your Staff

Use our cybersecurity tips to begin engaging your employees in an ongoing effort to protect your agency from cyberattackers.

Attempt to cultivate a cybersecurity awareness culture amongst all of your employees. Make sure good online behavior isn’t limited to October – everyone should take cybersecurity seriously all year round.

If you want to secure your agency against serious threats, then get serious about training and educating your staff about the importance of cybersecurity.

Of course, only IT professionals need IT exam preparation tips to prepare for certification tests to upgrade their skills and knowledge.

But your employees could benefit from formal courses in order to help defend your agency from serious threats.

Now, it’s true that it’s not easy to find good IT security training materials and instructors. And it’s also not easy getting your employees to learn – what with some people preferring microlearning, while others prefer long-form learning.

But the effectiveness and cost of eLearning change all of this.

Now, you and your non-IT staff can continually educate yourselves and stay up-to-date with the latest threats and threat prevention tools and procedures.

Where can you find all this information?

Right here at Enterprise Training Solutions.

Cybersecurity Tips On-Demand

With videos, ebooks, and courses on topics ranging from phishing to malware to ransomware, we give you access to all the knowledge you need to improve your current security posture and prepare for any future threats.

Experience the proven, easy-to-use, and cost-effective benefits of online training by scheduling your free online training consultation today!


6 Proven IT Exam Preparation Tips That Will Help You Pass the Test

With the right tips, IT exam preparation can be fun and easy.

To receive a career-making IT certification, you’ll need some proven IT exam preparation strategies.

Many professionals today still treat exams like they did in college:

  • Read (or skim) the book and study materials once
  • Pull an all-nighter
  • Take the exam

You’re going to be sorely disappointed when you apply this strategy and fail.

Instead of doing what rarely works, why not try a few strategies that almost always work?

We’ve compiled 6 tips for effective IT exam preparation. If you apply them to your studies, you’ll be much more likely to pass the exam, get your certification, and move forward in your career.

6 IT Exam Preparation Tips

Create a Study Plan

There is a well-documented technique for remembering information over the long-term.

It’s called the spacing effect, and it’s critical for IT exam preparation.

If you know when you’ll be taking your exam, you can break down your course materials to determine how much you need to study each day, and when you can review that information a few more times before the exam date.

Here’s how to do it:

  • Create an outline
  • Mark relevant pages of books you’re studying
  • Mark times on videos you’re watching
  • Gather all your class materials
  • Create flash cards
  • Create a timeline
  • And forget about cramming

Stick to your study plan, and you’ll be much more likely to retain most of the information you learn, as opposed to your last-minute, late-night friends who will forget what they were studying by the morning of the exam.

Sleep Well

Speaking of late nights, it’s best to avoid all-nighters and inefficient sleep patterns altogether.

Students who regularly pull all-nighters end up with lower GPAs according to a St. Lawrence University study.

You’re better off studying regularly and sleeping well than cramming and not sleeping at all.

Use Memory Techniques

There are a wide variety of memory techniques to help in your IT exam preparation.

Mnemonic devices like acronyms are particularly powerful.

Acronyms abbreviate a set of words down to the first initial of each word.

It works like this:

  • Choose a term, concept, or rule that you’re studying
  • Create an acronym using the first letter of each word
  • Memorize the acronym or make up a silly phrase for it

For example, the order of operations in math – parentheses, exponents, multiplication, division, addition, subtraction – can be memorized using the acronym “PEMDAS,” or can be expanded into:

Please Excuse My Dear Aunt Sally.

Form a Study Group

A study group leverages the knowledge and skills of other people to improve everyone’s IT exam preparation strategies.

Here are a few ways to make a study group useful:

  • Do all of the studying together
  • Quiz each other every session
  • Take practice exams together and discuss the answers afterward
  • Set time limits for your study sessions
  • Set goals to focus on during study sessions
  • Use a quiet space that won’t be distracting, but try to study in different rooms for maximum results

Stay Physically Healthy

Multiple studies confirm that regular exercise, especially cardio, significantly improves the problem-solving and memory functions of your brain.

Eating foods that are good for your brain before and during a test is an easy way to prepare for a tough IT exam as well.

Making sure to take regular study breaks is also important. Your brain needs time to process the information you’re learning. Take a day off every once in a while and do something fun and leisurely.

Use Practice Exams

While the rest of the IT exam preparation tips we’ve given you will be helpful to some, they’re not helpful to all.

One of the few proven tools for excelling on exam day is taking a practice exam, according to a study from Henry L. Roediger.

Practice exams give you a taste of what to expect when you sit down to take your real exam.

It helps you work through your anxiety, pace yourself, time yourself, and find out how much information you can recall from your studies.

If you’re trying to pass the gold standard of IT exams, CompTIA, then it’s imperative that you take practice exams.

But where can you find good practice exams?

Sure, there are plenty of practice questions all over the internet, but there are very few practice IT exams that will actually mimic CompTIA or something similar.

If you want to train your brain to be ready for exam day, and take advantage of one of the most powerful study techniques, then we can help.

Enterprise Training Makes IT Exam Preparation Easy

If you want to take your IT career to the next level and need effective practice exams to do it, then we’ve got you covered.

We offer a wide variety of certification training and exam prep materials from industry leading vendors, including Project Management Institute, Microsoft, CompTIA, Cisco, Amazon, TOGAF, Six Sigma, ITIL, IIBA and more.

Experience the proven, easy-to-use, and cost-effective benefits of online training – explore our complete list of certification curricula today!