Are new hires putting your data at risk?


Help avoid security vulnerabilities while bringing new hires up to speed.

Read time: 3 minutes

Periods of rapid growth are exciting, often chaotic times for small businesses. As new employees join the team they provide an infusion of valuable new perspectives and talents. Unfortunately they also tend to create a lot of new security vulnerabilities as well.

The issue boils down to the simple fact that employees are the main source of risk for data breaches. While most of these occur due to inadvertent error and not malicious acts, it doesn't make them any less damaging to your business.

New employees pose an even greater risk because they're not familiar with your security procedures and may have picked up bad habits in their previous workplace.

It is critical to put in place employee security training and policies that help mitigate risk.

Employee security training and guidelines

New employees already have a lot to take in when getting started, but it's critical that security guidelines are covered in detail early on. Often, employees be fully informed about your company's security responsibilities. Creating a standardized data security training for new hires can help close this knowledge gap.

The onboarding process should be designed with the assumption that each new employee has no existing knowledge about security best practices.

It's important to cover even the most rudimentary subjects, such as not writing passwords on sticky notes or opening suspicious emails. This may feel like a remedial course for the more tech-savvy hires, but having it reinforced for everyone is still important.

Include security training in onboarding process

Here are some other things to consider during the on-boarding process:

  • Schedule an in-person meeting with an IT manager or another employee who has a strong understanding of your security policies.

  • Outfit each new hire's desk with a laminated security checklist, outlining do's and don'ts in an easy-to-reference format.

  • Schedule an annual refresher training for employees who have been with the company for more than a year.

  • Provide a contact sheet for employees who have questions or think they may have inadvertently put company information at risk.

How to update your data security policy

The proliferation of personal devices and powerful consumer cloud services being used for work have removed much of the control that companies once had over their information. This in turn has entrusted individual workers with protecting sensitive business data.

Since employees account for most security breaches, it's important to shift as much of that responsibility and control back to the company.

This can be done by automating some systems and creating mandatory restrictions where needed. For instance, implementing stringent password requirements and required timed updates can ensure that none of your employees are using easily guessed passwords like “123456" for years on end. This goes for the IT team as well.

Take back control of employee security training

Moving to cloud services for things like email and productivity apps greatly streamlines the process of getting new hires up and running, cutting down the amount of ad-hoc configuration that must be done and the potential for errors or inconsistency along the way. This can also ease the off-boarding process when employees are on their way out, which is equally important for protecting your business (nearly 30 percent of incidents involve former employees).

Finally, it's critical to work with employees and solicit their feedback to ensure the technology tools provided are suiting their needs. If not, they may turn to consumer solutions for things like file sync and share, which puts company information at risk and out of your control.

Protect your critical data

Engage with experts to ensure employee security training to reduce data security risks.

Explore Cloud and IT solutions

Recommended for you

Data Risk Assessment Checklist
Data Risk Assessment Checklist

Data Risk Assessment Checklist

Learn how to conduct a content risk assessment, identify critical data that is exposed and put a plan in place to avoid security breaches.

How an outsourcing partner can deliver efficiency gains for law firms
How an outsourcing partner can deliver efficiency gains for law firms

How an outsourcing partner can deliver efficiency gains for law firms

Article about how law firms can use a strategic outsourcing partner to deliver efficiency gains, maximize PC and network uptime, increase productivity, and streamline automated workflows.

Girl Scouts Heart of Central California
Girl Scouts Heart of Central California

Girl Scouts Heart of Central California

See how Girl Scouts Heart of Central California refreshed its IT infrastructure with cost-effective solutions.