{"id":2894,"date":"2016-09-22T16:30:25","date_gmt":"2016-09-22T23:30:25","guid":{"rendered":"https:\/\/blogs.poly.com\/?p=2894"},"modified":"2016-09-22T16:30:25","modified_gmt":"2016-09-22T23:30:25","slug":"suspicious-links-emails-tempting-employees-build-security-small-business-corporate-culture","status":"publish","type":"post","link":"https:\/\/blogs.poly.com\/suspicious-links-emails-tempting-employees-build-security-small-business-corporate-culture\/","title":{"rendered":"Suspicious links in emails tempting employees? Build security into your small business corporate culture"},"content":{"rendered":"

\"BeauWilder_blog_image\"<\/p>\n

Curiosity doesn\u2019t just kill the cat; it may be putting your small business data in considerable jeopardy. A recent study<\/a> of 1700 students conducted by researchers at the Friedrich-Alexander-Universit\u00e4t in Germany found that even though users know a link from an unknown sender can pose a risk of infecting their computer with a virus; they will click on it anyway out of curiosity. Specifically, 56 percent of email recipients and about 40 percent of Facebook users clicked through on a link they received from an unknown sender despite the fact that 78 percent indicated in a follow-up questionnaire that they knew doing so posed a risk.<\/p>\n

Considering the importance of protecting your small business data and network from the risks posed by hackers, the study is a good reminder that training your small business employees to be vigilant about security should be ongoing. \u00a0Technology integrator ePlus addresses this very issue in an article on \u201cBuilding a Security-Minded Culture,\u201d<\/a> recommending that in addition to having the right security technologies and controls in place, a company\u2019s culture needs to emphasize security as one its values and in doing so change the way employees think about their role in protecting company information.<\/p>\n

Among its suggestions to make security part of a company\u2019s culture, ePlus recommends that the message needs to come from the top. The CEO of the company has to make security a top-level priority and communicate the importance of it on a regular basis. Also security training should be conducted as often as quarterly if necessary or annually at a minimum. And finally, security training needs to be a team effort enlisting people from various groups to offer suggestions on messaging, management programs and training initiatives.<\/p>\n

Make security training meaningful<\/strong><\/h5>\n

When it comes to training, it\u2019s not enough to remind small business employees about not clicking on suspicious links, accessing company information over unencrypted public networks and visiting suspicious sites; you need to make the training meaningful and memorable. Here are some suggestions from Kaspersky Lab, the international software security group, in \u201cTop 10 Tips for Educating Employees About Cybersecurity:”<\/a><\/p>\n