This blog post was first published in 2019.
Today, more and more people do job-related tasks on their phones and work outside of the office. What are the potential risks of doing this? And what other security threats do employees pose for the corporation?
The European Union Agency for Cybersecurity (ENISA) lists the top 5 cyber threats and trends against European corporations:
- Malware
- Web-based attacks
- Web application attacks
- Phishing
- Distributed Denial of Service (DDoS)
The protection from many of these attack vectors relies on the knowledge of a company’s security team to establish the necessary mitigation actions, such as company-wide web-filters and patching web browsers.
However, human errors performed by employees also pose a real threat to corporations – especially larger ones. What if someone is working on the move and doesn’t use an encrypted connection? And did you know that mobile phones are a great target for phishing?
Here are a couple of things that you as an employee must be careful of:
3 ways employees pose a security threat – and what you as an employee must be aware of
1) Getting exposed to “spoofing”
You must also keep in mind that the sender of an email is not always who he or she claims to be. Spoofing is when a user falsifies information, for example, the geolocation or the name in an email to fool the victim into believing the user is somebody else.
Read more: 7 things you need to know about cyber hygiene.
2) “Piggybacking” is a big security issue
Most workplaces employ access cards together with passcodes to restrict access inside buildings. Yet in larger workplaces, where too many people work for everyone to know one another, it is commonplace that people hold up the doors for strangers to let them pass.
This phenomenon, known as piggybacking or tailgating, is a big security issue. Dare to say “I’m sorry, I can’t let you in”! Don’t hold the door if you are not sure who it is.
Also read: IT-security: – Many businesses forget the most important thing.
3) Juice jacking your items in public means an attacker can transmit data from your laptop
Have you ever been to an airport and charged your phone through a USB socket? Or in a café? With the new USB-C chargers, you can even charge your laptop via USB. However, using what’s known as “Juice Jacking”, an attacker can transmit data from your laptop via the USB cord without your knowledge. For iPhone and Android, however, current software versions should keep you protected.
