We use the internet every day – it is inevitable. Knowing how to stay safe while surfing is vital, both during private use and for work. That means that hackers and cybercriminals could be a threat to any organisation from the largest corporations to the smallest start-ups. The entire team needs to be on the same page when it comes to knowing how to surf safely. That way, they will know how to avoid malicious links, sites, and pop-ups. In this blog post, we will highlight the importance of safe surfing and provide you some tips on how to get everybody in your organisation on the same page for safe surfing.
Imagine you are a tourist in a country you’ve never visited before. You would probably be excited to explore the new sights and experience everything that it has to offer. At the same time, you may not know about the local culture and layout of the city. When travelling, you should also be extra aware of where your passport and wallet are at all times, otherwise you wouldn’t be able to fly home! Additionally, you certainly would not be passing out photocopies of your travel mate’s passport around to everybody either.
Browsing the internet is like being a tourist in many new countries, but at a much faster rate. To find resources and information, we quickly move from one website to another, and never know what each website has to offer and how they are being run. It can be easy to let our guard down, especially if we are rushing to meet a deadline. But consider this: if you are careful about keeping your passport, wallet, and other people’s personal data safe in real life, why should you not do the same thing while browsing the internet?
Browsing the internet is part of your team’s everyday work life. They can be searching for tips for how to conduct the next project, accessing a cloud-based application, or they might get inspiration for tonight’s dinner.
Browsing may not always be work-related, but one thing is certain – your team relies on the internet for their work. Simply removing access to the internet would harm everybody’s productivity. The organisation must ensure that all staff are aware of the risks that come with browsing the net.
Some risks could be privacy and GDPR-related, when personal data is uploaded to a third-party. This could happen if you merge or convert PDF files on a browser application and this provider stores the data from these files without you knowing.
Malware is a board term that covers many types of malicious code. It is normally a small program or piece of code that is designed to infect your computer and they are normally just one click away. Examples include ransomware, keylogger or trojan horses. Malware can help cybercriminals steal, commit fraud, and blackmail organisations.
To protect your organisation from malware, is it essential to understand the tactics of the cybercriminals. They will try every possible way to crack the computers basic defence to get access inside.
An updated computer with updated software is a good basic defence. This includes operating systems, applications, and anti-virus programs. We also recommend having ad-block on your browser, which helps minimise exposure to possible malware.
To update a computer may sound like a simple task, but in our experience, this is in many times postponed, with the excuses of “I don’t have time now, I have more important things to work on”. We have a few tricks that you can use to remember to update your software:
It almost sounds too easy, but a lot of people still don’t do it.
If your team blindly activates, approves, downloads, installs, run, and accept all sorts of programs, then even your updated computer will have a hard time defending itself. Your team is the first line of defence, and it is only sensible to update them about best practices, threats, and trends relating to cybersecurity.
One method that cybercriminals apply is the use of a macro. A macro is a single instruction that can be pieced with other instructions to perform a task, for example, to convert data. They are very common in Word or Excel files. Cybercriminals can take advantage of this by placing malware into a macro that can be placed into a harmless-looking Office file.
Normally, Office will open downloaded files in protected view. Protected view ensures that macros are not activated. However, when you activate editing, you will allow the macro to be turned on.
One step towards the part of safe internet browsing is the implementation of an Acceptable Use Policy. This provides your team with rules and guidelines about the appropriate usage of the organisation’s equipment, network, and internet. This could be part of the more general set of guidelines for IT. This will help the team and organisation. Everybody will be aware that certain types of browsing or downloading of files is prohibited. The policy will create clear guidelines on what is allowed on the internet.
However, it is important to highlight that a policy can easily be forgotten and collect dust in the drawer. To avoid this, remember to review the policy regularly to ensure that it is meeting the needs of the organisation and communicating the importance of the policy to your team.
On one hand, browsing the internet is a vital tool in most people’s workflows. On the other hand, we must be aware of the risks involved. An Acceptable Use Policy and frequently updating your systems is a good start. But surfing is a vast jungle and it requires that we are very aware of all the known and unknown scenarios where your team can accidentally open the door to cybercriminals. So how do you make sure that safe surfing is something that stays on the everybody’s agenda?
One way of creating awareness is with continuous learning. By teaching your team about cybersecurity and safe surfing, you can get everyone on the same page about how to avoid risks when browsing the internet. You can also create a forum for your team, where they can share their experiences and help their colleagues avoid the cybersecurity threats they have encountered. Once you have established the culture of safe surfing in your organisation, your team can safely use the internet for what is made for: find information.
If you want to read more about what awareness training for cybersecurity can do for your organisation, you can read more here.
Join our 2000+ subscribers and sign up for our newsletter. You will receive inspiration, tools and stories about good cyber security practice directly in your inbox. Our newsletter is sent out approximately once a month.