Our focus is on empowering your team to work efficiently from anywhere, boosting productivity and collaboration through customised IT Solutions.
Meet the Acora One Team
The Acora team is ready and waiting to help. We’d love to hear from you!
Follow Us
To view this video please enable JavaScript, and consider upgrading to a web browser that
Home News room Cyber Security Awareness Tips for Employees
Acora is a UK based, award-winning IT services and technology company with over 25 years’ experience. We provide a range of IT support and Microsoft-centric business software and cloud solutions to help mid-market organisations modernise their IT so they can compete and win in the digital economy. More than 200 clients trust us to take responsibility for part, or all of their IT from solution design to support.
We’ve refreshed our list for 2024 of our cyber security awareness tips for employees that you can use for personal or professional means. Cyber security threats are constantly evolving, so it is important to stay up-to-date on the latest threats and to take steps to inform all your employees.
Take a look at the following cyber security tips to learn your “something new” for today!
Enable multi-factor authentication (MFA) for added protection. It ensures that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that supports it.
If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token.
Cyber criminals can access all your connected devices via your home router. As more staff work from home, it’s important to secure your home Wi-Fi by setting the password to something complex and personal.
Ensure that you have changed the default password on smart devices.
Business information typically includes a mix of personal and proprietary data. While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII) through payroll etc.
Usually, sensitive data. Be exceptionally careful about what you are sharing, and be cautious of how you are sharing it.
Our next cyber security awareness tip is to connect with only people you trust. While some social networks might seem safer for connecting because of the limited personal information shared through them, keep your connections to people you know and trust.
Cyber criminals frequently use social media to harvest information about potential targets for social engineering purposes.
The next cyber security awareness tip is to check your app permissions. Your mobile device can have suspicious apps running in the background or using default permissions you never realised you approved.
They can gather your personal information without your knowledge. Use the “rule of least privilege” to delete permissions that you don’t need or no longer use.
Bonus: Only download apps from trusted vendors and sources.
Make sure your device’s security software scans for viruses and malware. That includes your personal device too, if you have work related data on there.
Be sure to periodically back up any data that cannot be recreated such as photos or personal documents.
You may want to consider creating a dedicated directory for file sharing and restrict access to all other directories. You should always only choose to allow file sharing over home or work networks. Never on public networks.
Bonus: Password protect anything you share.
Check the customer support area of your ISP or router manufacturer’s website for specific suggestions to assist in securing your wireless network.
One of our key cyber security tips. VPNs encrypt connections at the sending and receiving ends and keep out traffic that is not properly encrypted. VPNs allow employees to connect securely to their network when away from the office.
Many businesses have a VPN. If a VPN is available to you, make sure you use it.
Most wireless access points and wireless routers let you see which devices are connected.
Our 20th tip of our cyber security tips for employees is to review these lists frequently for any devices which are unfamiliar, either blocking those which are unfamiliar, or changing WiFi passwords to keep unauthorised devices out.
You should consider using the longest password or passphrase you can. Combine three random words together, with two numbers. Capitalise some characters.
Bonus: Add in some punctuation and capitalisation.
The next cyber security awareness tip is to keep your information safe from known vulnerabilities by turning on automatic updates so you don’t have to think about it.
Out-of-date devices create opportunities for malicious hackers.
Bonus: Set your security software to run regular scans.
Cyber criminals can gather corporate data about your business partners and vendors, as well as HR and financial departments, by searching Google and scanning your business social media accounts.
Avoid oversharing on social media and do not conduct official business, exchange payment, or share Personally Identifiable Information (PII) on social media platforms. It’s used for social engineering.
Data breaches do not typically happen when a cybercriminal has hacked into your company’s infrastructure. Many breaches can be traced back to a single phishing attempt, security vulnerability, or instance of accidental exposure.
Do not click on unknown links, be wary of unusual sources, and delete suspicious messages after reporting or forwarding all phishing attacks to your IT department.
Back up all your data to another device or third-party cloud service in case your device is compromised.
Remember 💡 Synchronisation services such as OneDrive and Dropbox are not data backup solutions. The changes ransomware makes can damage synchronised copies too.
Number 10 of our cyber security tips for employees is to make sure your device doesn’t automatically seek and connect to open wireless networks or Bluetooth devices.
This opens the door for cyber criminals to remotely access your device and have access to sensitive information. Disable these features so the choice to connect to a secure network is in your hands.
Confirm the name of the public network and exact login procedures with the appropriate staff before connecting. Do not trust any network without an access password, and consider using a VPN to keep your confidential data private when using public networks.
Many people don’t realise that personal posts on social media are all that criminals need to know to target you, your loved ones, and your physical belongings – online and in the real world.
This includes:
Keep your devices secured in taxis, at airports, on airplanes, and in your hotel room. Never leave your equipment unattended in a public place. Enable “automatic lock” functionality where available.
No, this is not love advice!
Cyber criminals use social engineering tactics, hoping to fool their victims. If an email looks “phishy” do not respond and do not click on any links or attachments found in that email. When available use the “junk” or “block” option to no longer receive messages from a particular sender.
Hover over links to verify they are authentic. Ensure that URLs begin with “https”. This indicates encryption is enabled to protect your information.
Watch out for “lookalike” domains, such as “myb4nk.com”.
Firewalls can prevent some cyber attacks by limiting malicious traffic. They can also restrict unnecessary outbound communications.
Some devices and operating systems come with a firewall preinstalled. Make sure your device is currently using a firewall and that it is configured properly.
It is common for Cyber criminals to alter the return address so that it looks like the message came from someone other than the sender. Before opening any attachments, verify that the message is legitimate by contacting the person who sent it.
Use caution even from people you know. Be especially wary of unsolicited attachments.
A widely used feature on many wireless routers, it allows you to grant wireless access to guests on a separate wireless channel with a separate password.
This maintains the privacy of your primary credentials.
No, not fishing: Phishing. More specifically, phishing attacks.
According to Verizon’s 2021 Data Breach Investigations Report, 36% of all breaches involved phishing attacks. 85% of those breaches involved a human element. Its goal is to gain sensitive information about you and use it to make unauthorised purchases or to gain access to a secure system.
Be a cynic. Always suspicious of unexpected emails.
Too many people fall into the trap of using the same or very similar password for all accounts. Cyber criminals try to use stolen passwords from one service to log into other services, known as “credential stuffing”.
Defeat this by using a unique strong password for each service.
Bonus: Use a password management app to set random passwords for each account.
To maintain information security, your company may have developed a number of policies.
This could include a:
If you are uncertain about your employer’s data security expectations, we recommend you request clarification from them or review their policies again.
Our final tip is to report any incident to your IT department as soon as possible. Timing is everything with cyber security, so don’t be afraid to report a cyber security incident. Especially, when you’re at fault.
Your IT team will thank you for it. (Obviously, not the part where you clicked on the link!)
Seems like an obvious one, but you would be amazed how many people write down their passwords or share their login credentials via email. Every time you share or reuse a password, it chips away at your security by opening more ways with which it could be misused or stolen.
Set the privacy and security settings to a level you’re happy with. Disable geotagging. It allows anyone to see where you are, and where you aren’t, at any given time. Not a great idea.
Our next cyber security awareness tip is to practice safe surfing wherever you are by checking for the “green lock” or padlock icon in your browser bar when making financial transactions.
It indicates a secure connection which has undergone extended validation, and that the business you are dealing with takes the security of your transaction seriously.
Even if you delete a post or picture from your profile seconds after posting it, chances are someone still saw it. Think before you post.
Another one of our key cyber security tips. A password manager is the most secure way to store all your unique passwords.
With just one password, you can create strong passwords for every account that you have. At Acora One, we recommend 1Password.
Bonus: Never divulge your master password! Extra bonus: Protect your manager with a physical security token.
Bonus: Never divulge your master password!
Extra bonus: Protect your manager with a physical security token.
Cyber criminals will always attempt to create a sense of urgency, causing the recipient to fear their account or information is in jeopardy, or that they are about to miss out on something.
If you receive a suspicious email that appears to be from someone you know, reach out to that person directly on a separate secure platform. If the email comes from a business but still looks “phishy”, reach out to them via customer service to verify the communication.
We hope you enjoyed our cyber security awareness tips for employees.
For a quick cheeky plug, we do offer Cyber Security Awareness Training to businesses and their employees!
If you have any other questions, please feel free to get in touch.
Power BI and Power BI Pro: Empowering SMEs with Data Insights Understanding and leveraging information effectively is no longer a luxury—it’s a necessity. For small and medium-sized enterprises (SMEs), the ability to make informed, data-driven decisions can set you apart…
Disaster Recovery: Why It’s Essential for Your Business Many business owners are natural optimists—after all, it’s that positive mindset that helps them build and grow successful companies. However, when it comes to disaster recovery, optimism alone won’t protect your business…