Bad habits: we all have them. In our personal lives, bad habits are just plain annoying. But when it comes to bad habits around business technology, they can cost big in terms of time, money and security.
So let’s have a quick look at bad tech habits — and how to break them.
Creating weak passwords
Let’s be completely honest here: Even though we know the extreme importance, passwords can be a pain. And despite living in a two-step authentication world, it’s still too easy to slip up when it comes to creating bad or weak passwords — potentially placing the entire business at risk when an account becomes compromised.
Most business security breaches can be directly attributed to an easy-to-guess password that was protecting an enterprise server. While many businesses have adopted stringent password policies that mandate stronger password constructs, human nature often translates into the reuse of weak or simple passwords across the organization.
Best practices around this include regular training or reminders regarding password training, discouraging password reuse by using a password manager, and ensuring each business application used within the business requires a separate login.
Turning a blind eye to shadow IT
It’s a given that workers want to use the latest and shiniest technology tools and gadgets to do their everyday jobs. Shadow IT refers to the implementation and use of that software or hardware without the explicit approval of the organization.
Whether it’s a new cloud service or mobile device, ignoring the fact employees might be using them — and configuring them incorrectly — potentially leaves confidential information and resources exposed and at risk. IT departments should always be vigilant about unauthorized devices used on the corporate network.
This can be as simple as regular check-ins with employees about the tools they wish to use and investigating the potential for adoption.
Ignoring patch management
Make no mistake, neglecting to institute regular software updates or patches can lead to big problems and headaches down the road. Today’s security landscape includes increasingly savvy malware hackers employing bots that ferret out security gaps and vulnerabilities.
No one wants to be in the news for a ransomware attack that could have been easily prevented. Research firm Gartner notes that by 2020, about 99 percent of security gaps or vulnerabilities will be evident for at least a year before something’s done to fix them. In these cases, when an update or patch is available then it should be implemented prior to any possible malware event.
While it’s understandable that IT teams might be hesitant to implement the latest patch — for fear of creating havoc and downtime if something goes awry — leaving the network and server systems for extended periods of time without incorporating the latest update creates opportunities to hackers to exploit any security openings. Following and adhering to regular maintenance windows — or increasing the level of security automation around patching — are key here as well.
Using unauthorized software
These days, it can be tempting for the organization to implement and use unlicensed or “cracked” software. But the risk of malware or spyware can be too high in terms of data security.
Without delving into the ethics of software privacy or engaging in debates on copyright, in pragmatic terms, the costs of a software audit or a security breach due to using pirated applications can be too high compared to the cost of purchasing adequate licenses for the organization. Breaking that habit by using free tools or lower cost alternatives to the proprietary application can be simple and cost-effective workarounds as well.
Even with relatively easy-to-implement strategies for breaking bad tech habits, it is challenging to change human behaviour. Rather than asking your teams to break their habits, have them think about the idea of ‘replacing’ those behaviours. Looking at the bigger picture, this will lead to the organization’s competitive success, reduction in security and technology costs, and will help ensure you will have an aware, well-trained workforce throughout the year.