These days companies spend significant sums of money protecting themselves from cybercriminals. The threat matrix is vast, and attacks can come from almost any quarter. That is why many companies not only spend heavily on antivirus software but also on a wide range of tools that IT security professionals can leverage to intercept attacks “at the gates” and prevent attackers from ever breaching their defences.

Further, many companies will engage with third-party specialists to provide round-the-clock monitoring. Managers invest even more money to ensure that regular backups are not compromised. That´s so that if the worst happens, the process of recovery will be relatively quick so that the company can get back to the business of its business with as little downtime as possible.

All of that is commendable, but the unfortunate reality is that even the most elaborate and expensive systems designed to defend your corporate network can be reduced to nothing by one moment of carelessness by one of your firm’s employees.

If you want to increase the return on your IT Security investment, the best thing you can do is educate your workforce about the dangers that are lurking on the ‘net. Teach them security best practices so that they become part of your network security solution rather than being yet another risk factor you have to guard yourself.

A few examples of the way your employees may be unwittingly putting your firm at risk include the following:

• They use simple, easy-to-guess passwords that any hacker could guess with minimal effort.
• They seldom change their passwords by default.
• When travelling, many will connect to your company’s network using free, unsecured WiFi hotspots.
• A disturbing percentage of people use the same easily guessed passwords across multiple web properties.
• They fail to use multi-factor authentication paradigms, even when and where you make them available.
• Far too many people will automatically assume that any attachment landing in their work email inbox is secure and will open it without thinking twice.
• And there is very little cross-checking done when someone reaches out to them via corporate channels to ensure that the person contacting them is who they claim to be.

All of these pose a significant security risk to your company. Be sure your employees get the training they need to keep themselves and your corporate network safe.