It's important to ensure that personnel have information security training on how to securely process sensitive data, and how to securely transmit and store confidential information.
If you're in the process of creating cybersecurity policies and procedures, your next steps should include training all employees.
Here are five essential cybersecurity topics that should be touched on when training your employees to ensure your organization's data stays safe:
Email - Email is a primary target for hackers. Employees should be educated on social engineering and phishing. In addition to teaching employees to be more proactive when sending and receiving email, consider encrypted email, especially if the nature of your work requires sending information that may contain PHI or PII. Office 365 has an encryption feature for email, which Bedrock offers to clients.
Mobile - Healthcare providers are relying on mobile devices within the workplace more than ever. Employees should be taught best practices when it comes to downloading apps, the importance of passcodes on smartphones, and refraining from public wifi, which is vulnerable to attacks.
Physical security - Devices such as smartphones and laptops are a target for thieves. Thieves aren't always interested in the device itself; it's the information on the device that could be most valuable. Policies should be in place for keeping devices safe, such as locking screens when an employee leaves their desk, shoulder surfing, visitor policies, and procedure outlining what to do in the event a device is lost or stolen.
Web - Employees should be taught how to safely navigate the Internet. It's important to stay current with web-based attacks so that you can inform your employees so that everyone can stay vigilant. Stronger passwords for web-based applications and two-factor authentication is a must for all employees.
Network Connection - Wireless connections aren't always safe. As we touched on earlier, public wifi is vulnerable and a target for hackers. Home or office wifi, if set up improperly can also be the cause of a security breach. If you have employees who work from home, consider investing in a VPN and train your employees on how to use it.