Network security is essential to protecting client and employee information.
With ransomware attacks and phishing efforts on the rise, it’s not a matter of if your staffing company will experience a cyber attack, but when.
Our cyber security expert and Chief Information Officer Kevin Prow shares four tips your staffing company can take to secure your data.
1. Implement cyber security awareness training for all users
Many of these breaches happen because of phishing attacks, which are becoming increasingly convincing. Ensure your users receive security awareness training—and especially phishing awareness training—to prepare your employees for spotting and reporting suspicious phishing attempts.
2. Require one strong, unique password
Creating strong, unique passwords is one step your team can implement today. Contrary to popular belief, there is no need to change passwords on a rotating basis. In fact, doing so can put your systems at risk.
When a user is forced to meet certain complexity requirements and change their password every 90 days, they are more likely to use bad passwords: reusing the same password with slight changes to numbers or symbols, incorporating years or seasons that are easy to guess, and creating the same password they use for other logins. They also might be more likely to write down their password and store it on or near their work area. Cyber criminals know these things and exploit these practices in order to attack your system.
Instead, have your users choose a strong password—one they use only for your system. If they have a strong password, they only need to change it if there becomes a problem.
3. Create an incident response plan
If your team does experience a security incident, what steps will you take to solve the problem? How will you know?
Every company should create an incident response plan in case of security attacks. This plan ensures you know what to do, potentially saving you crucial time and resources.
- Who is going to take control of that incident? When you have too many cooks in the kitchen you have no decisions getting made. Who is ultimately in charge of making those decisions as to how your business is going to respond?
- Do you have an incident response remediation company on retainer? Is there a cyber security professional you can call—whose phone number is sitting on your desk? In most cases, the appropriate response is to contact an incident response remediation team and get their guidance.
- Are you going to keep your systems online or turn them off? In a lot of cases, you can cause a lot of damage by disconnecting a compromised system, such as if it has a dead man switch or is otherwise going to leak information if they cannot continue to have that command and control of your environment.
4. Evaluate the security measures of your ATS
If your data is stored on your ATS’s servers, what measures is your ATS taking to protect that data?
If your data is not stored on your ATS’s servers, it’s a good time to ask: do you have the security and IT professionals necessary to protecting your network?
With our combined 200+ years of staffing industry experience, TempWorks is committed to upholding the safety and security of our clients as we serve your staffing, recruiting, and retention needs. staffing industry. Learn more about how TempWorks can support your team.