Skip to content
  • Fortra-Logo-TM-SkyBlue
  • File Sharing & DRM Blog
    • Digital Rights Management
    • Secure File Sharing & Compliance
    • Intellectual Property Protection
  • Partners
  • Company
    • About Us
    • Leadership
    • Careers
  • Support
  • Contact
  • Search
yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
  • Why Vera?
  • Product
  • Solutions
    • By Industry
      • Manufacturing
      • Media & Entertainment
      • Financial Services
      • Venture Capital & PE
      • Technology
      • Healthcare
    • By Technology
      • DRM
      • Data Classification
      • DLP
      • Zero Trust File Transfer
      • CASB
      • Office365
    • Column 3
  • Use Cases
  • Resources
  • Pricing
  • Book a Demo
    Book a Demo
Vera  »  File Sharing & DRM Blog  »  Digital Rights Management   »   Being #CyberAware: Reinforcing a culture of security in the workplace
Back to File Sharing & DRM Blog
PrevPrevious Post
Next PostNext

Being #CyberAware: Reinforcing a culture of security in the workplace

  • October 16, 2018
  • Web Master

As part of Vera’s ongoing blog series highlighting Cybersecurity Awareness Month, we’re shining a light on each major theme set out by the National Cyber Security Alliance for 2018.

Last week, the NCSA highlighted the importance of Educating for a Career in Cybersecurity and how parents, educators, students can work together to prepare individuals for one of the most in-demand and rewarding careers in technology. This week, we shift our focus to the third major theme: It’s Everyone’s Job to Ensure Online Safety at Work.

There are several important aspects of this theme including education and training of security staff, end-user awareness training, as well as operational considerations such as risk management, resistance, and resilience. However, there is even a more fundamental component that gets right to the heart of enterprise security:

Security is something we all have to participate in,
it doesn’t just magically happen to us.

 

It is an active process that everyone from security analysts to end-users must be involved in. Needless to say, there are many layers of security technology protecting us at all times that most users never see. But if users are not aware, trained, and engaged with security policies, then things can quickly go awry. This is true no matter what job role we have or whether we work in an office, hospital or restaurant.

Today, I’d like to share a few tips on how to ensure online safety in your organization:

Tip #1 – Making security active and accessible
For many users, security can seem like an abstract concept that doesn’t directly involve their job. There are often good reasons for this view. Often security is something that gets in the way of their work or comes in the form of a long list of “NO’s” (don’t click links in emails from unknown senders, don’t reuse passwords, etc). This training is, of course, important, and we will talk about it later. But avoiding bad behavior is not nearly as engaging as actively participating in strong security. And secondly, no one is perfect. Users get busy, distracted, and will eventually make mistakes such as clicking on a risky link. It happens to even the most seasoned security staff.

VERA extends a much more proactive way that all users can engage in security that doesn’t get in the way of their work. Every time a user secures a file, no matter how they choose to share it, they are actively managing the security and privacy of their data. Users automatically use encryption and policy to control who can view or edit a document while being able to monitor and revoke access at any time, all while maintaining a full audit trail to track every path the data takes.

And this is subtly transformative. Instead of always trying not to do the wrong thing, users are actively engaged in doing the right thing. This is not only good security practice, but it also continually reinforces a culture of security that end users participate in.

Tip #2 – Putting a focus on employee awareness training
Another key component of building a culture of security is awareness training. In most cases employees are the front line of enterprise security – malicious hackers target users to get a foothold into an organization, and on the other hand, many breaches result from simple errors where users inadvertently disclose data where they shouldn’t. As a result, it’s critical that users have the practical skills to help keep themselves (and the organization) safe and are aware of how their actions impact the organization.

Furthermore, security awareness training is a key component of regulatory compliance. HIPAA, PCI DSS, ISO 27001, SOC 2, GLBA, and FISMA are just a few standards/regulations that require security awareness training. However, to build a strong security culture, organizations should treat training as more than just a regulatory/compliance checkbox. Employee awareness and training should be performed at regular intervals to reinforce key points, and also during important events such as new employee onboarding or after a security event.

Tip #3 – Participate in regular security education
While employees need to be trained on best practices, IT and security staff must constantly keep pace with changing threats, security technologies and regulations. The constantly evolving nature of technology means that security training is necessarily an ongoing process. For example, as organizations move to the cloud, IT and security staff need to understand the implications and requirements of extending security to the cloud.

Organizations such as the Cloud Security Alliance and WISP, which VERA is a member of, can help organizations develop the skills and process they need to securely adopt cloud technologies. Organizations such as OWASP, ISACA, ISACA/CSX, SANS, ISSA, and ISC2 are also great resources for building and maintaining the skills of staff and teams.

These are just some of the ways that organizations can ensure security is a focus for everyone in the organization. The more that security becomes a part of the fabric of the enterprise, the stronger and safer the organization will be. At Vera, we take this responsibility very seriously and we look forward to helping organizations to take total control of their data.

If you would like to learn more or see a demo, please get in touch with us today. Also, our team is growing fast and we’re hiring across the board. If you’d like to learn more check out our careers page here!

Recent Posts

  • How to Lock CAD Files Securely & Protect Your IP September 8, 2023
  • Top Intellectual Property Management Software Today August 31, 2023
  • Top 5 Most Secure Collaboration Tools for Your Business August 4, 2023
  • Data In Transit & How to Protect It July 27, 2023
  • 5 Most Secure Document Collaboration Tools for Business July 10, 2023

Learn where DRM fits in your data protection strategy

Get started

Keep your most sensitive data in the right hands​

Schedule a demo
PrevPrevious Post
Next PostNext

Featured Blog

  • July 14, 2021
Heads up! New Canadian Data Privacy Act is Around the Corner
  • January 14, 2021
Enhancing Zero Trust beyond identity to data itself
  • January 14, 2021
How to Manage Data Risk in the Finance Function

News

Press

Events

Awards

File Sharing & DRM Blog

Digital Rights Management

Secure File Sharing & Compliance

Intellectual Property Protection

Follow Us

Twitter Linkedin-in Facebook-f Youtube
Copyright © Fortra, LLC and its group of companies. All trademarks and registered trademarks are the property of their respective owners. Terms of Service |  Privacy Policy  |  Cookie Policy  | Contact Us