What Do Employees (& Everyone Else) Need to Know About Computer Security?

That’s what many people who work in IT ask themselves. What is to be included to get the correct message in place, without bringing in details lost on all but the most knowledgeable?

A small story in Maximum PC speaks of a listing and article found in a business publication, eWeek, that gives the most essential instruction – and the explanation that this instruction needs to be repeated far more frequently than many of those giving the instruction would like to believe. It is apparent that for most people , the things to remain safe go into short term memory, and like some brain-damaged patient at the hospital, never get committed to long term memory (though they don’t have a name for it, I’d call it the 50 First Dates effect).

Security’s always a hot topic in the business world, but eWeek.com’s list of ‘10 Essential Things Companies Should Teach Employees About Security” comes particularly well timed. Why? Just recently, McAfee posted a survey suggesting that SMBs are spending less on security as the recession continues to force cuts to the budget, yet cybercrime is on the rise. That being the case, now more than ever the onus falls on employees to take certain precautions.

According to eWeek, companies need to go back to the basics when it comes to educating its staff on safe computing. No. 1 on eWeek’s list is the need to remind employees to be weary of email attachments and to only open ones from trusted sources. The importance of creating strong passwords and avoiding shadier sides of the Web also made the list.

One entry that might not have existed five years ago is teaching employees the dangers of social networks. One wrong click can turn into a security nightmare for an IT staff working with a reduced security budget.

What it all boils down to is that workers need to be reminded every once in awhile of the dangers assumed to already be known.

My best instincts say that perhaps there should be a little message on the bottom of every monitor, but clearly in the line of sight, “If you don’t know what happens immediately after you press enter, or click on it, don’t do either.”

While no one could work under those conditions, there really does need to be an almost constant reminder of things not to do. No matter how good the firewall, how fantastic the heuristics of the antivirus, there is no way to remove the irresistible urge of the average user to click on a big spot that says “Click this!”

§

⌘

⌘

- it never hurts to use a more secure browser, and leave Internet Exploder behind.