Back to school: Do staff need IT security training?19 January 2006
As businesses increasingly rely on IT and the internet for operations, sales and communications, security industry experts have always urged companies of all sizes in the UK to invest in formal security training for their staff members.
The majority of protective measures available to small businesses in terms of limiting the effects of malicious attacks, in the form of viruses, spyware and so on, are reliant to varying degrees upon responsible employee IT use.
Using firewalls, virus detection and email filters will all decrease the chances of damaging messages, attachments and files ending up on your office PCs, but staff misuse of IT has been found to pose the greatest threat to company networks. Failure to warn employees of the negative effects which could result from opening unsolicited email attachments, or downloading from insecure sites, may create extensive financial and business damage.
Although many businesses have a coherent internet policy that sets out best practice regarding the use of computers at work, companies may need to do more to ensure staff members understand the dos and don'ts and feel inclined to adhere to them ¿ so that security awareness is inherent in everyday working life.
What can small businesses do?
The basic steps that anyone using the internet and email should follow to protect their data and software may seem obvious, but they can become removed from daily office life. These include:
- Avoiding opening emails and attachments from unknown senders.
- Not downloading files or content from insecure websites.
- Not using company email addresses when registering any details online.
And it is not just large organisations such as banks that should be promoting IT security awareness. Any business that loses information because of a virus or whose data is stolen by a third party suffers the consequences.
A package such as Lotus Learning Space is a good option for small businesses looking to train staff members in a variety of essential skill areas as it is hosted, managed and maintained by BT and so does not use up valuable man hours. It also allows users to book classes online and can be continuously monitored.
At the very least, it is important for any business to put an email and internet policy in place, and to encourage staff to be familiar with it. Such policies not only help to protect against security threats, but improve staff productivity, network efficiency and help to raise customer satisfaction through guidance on email content and tone. For more information on how to create an email and internet policy, see our previous feature.
Post a comment
As usual, we would be delighted to hear your comments or questions about this article. Comments may be published on this or any other BT site.
