Data security is such a persistent concern for our small organizations. But it's hard to know where we should focus our time and efforts toward fortifying our IT defenses. Kaspersky Labs has just come out with a new report that reveals the answer. To paraphrase Mahatma Gandhi, the answers are within.
The new Kaspersky Labs report is called The Threats from Within. It is a free, nine-page little e-book that describes the current research. It finds that human beings are the weakest security link and also the first line of defense against data breaches within any organization — including small offices.
The report says that social engineering is a primary method for hackers to gain access to organizational data. Social engineering involves an outside person phoning, texting, emailing, or visiting an office and tricking employees or volunteers into disclosing personal information and login details for their organization.
Cybercriminals resort first to social engineering tactics that target employees. They are often the easiest way to infiltrate an organization.
The report also finds that employees often feel like they do not play a role in IT security. While IT people and management are justifiably concerned about data security, the report clearly demonstrates that this issue affects all employees and volunteers on all levels of our organizations. Getting everyone involved will go a long way towards building a strong line of defense against Internet-based threats.
Information Security Essentials online training from Skillsoft can help your IT staff and end users implement security best practices.
Get security training
Kaspersky Labs has some general recommendations that include:
TechSoup has partnered with leading security software companies, including Symantec, Bitdefender, and Comodo to offer donated and discounted security solutions to nonprofits and libraries.
Browse security donations
I also like TechSoup's 12 Tips to Being Safer Online. It is a free e-book designed for nonprofits that covers
And more …
Get the guide
We know that data security is a pretty hair-raising concern for nonprofits and libraries, but there really is a simple path forward — involving our employees and volunteers in doing some basic things to protect our charities.
Image: Håkan Dahlström / CC BY / text added
Just like keeping clients safe, keeping data safe is a training issue. Creating an office culture where everyone is on the lookout for security concerns on computers, including smart phones, and an IT department that doesn't make employees and volunteers feel stupid when they have questions or concerns, is key. Terrific article.
Glad you enjoyed the post! You're absolutely right that training *and* a supportive office culture are critical components of security. People need to know what to do to keep information secure, but they also need to feel empowered and supported when they have questions and concerns.
This work is published under a Creative Commons Attribution-NonCommercial-NoDerivs 4.0 International License.
Close this window