Estimated Reading Time: 4 Minutes
When we think about practicing good cybersecurity habits, we often think about ourselves as individuals and overlook how our efforts (or lack thereof) can affect other people as well as businesses. Identity theft can have big implications on organizations, leading to compromised personal data and business intelligence, as well as lost productivity of employees. As part of this year’s Cybersecurity Awareness Month (CSAM), this week we urge you to think about how protecting your employee’s identity can also help protect the longevity and overall success of your organization. In fact, our Iris® Identity & Cyber Protection’s ROI calculator shows the cost your organization can save by being proactive in protecting your global workforce – and ultimately, your business. As an employer, if you connect them [to your network], protect them [to protect your business]!
Here are three things to keep in mind as you connect your employees to your systems:
1. Your employees’ personal devices and professional devices are increasingly intertwined
As more and more people continue to work from home, the potential for using personal devices for work purposes — and vice versa — has increased. According to Verizon’s 2020 Data Breach Investigations Report, this has been making employees — and employers — “particularly vulnerable” to attacks. The report found that employees’ personal data was involved in 58% of business breaches in 2019, nearly twice the percentage of 2018.
In addition to taking actions to protect personal devices, you and your employees should take the same precautions when securing business devices and accounts. This includes creating an organization-wide policy for password creation and usage so that all of your organization’s IoT devices, software, and subscriptions have unique passwords and logins. Organizations should also make sure to have policies in place for how to use work devices (i.e. personal usage of professional devices/software and vice versa) as well as the frequency for how often those credentials are updated.
2. Email credentials are one of the top targets for cybercriminals.
In 2019, FBI’s Internet Crime Complaint Center (IC3) received nearly 24,000 business email compromise (BEC)/email account compromise (EAC) complaints with adjusted losses of more than $1.7 billion. This type of cybercrime takes advantage of compromised email accounts through phishing attacks, social engineering of passwords, and other IoT intrusion techniques.
At the individual level, your employees need to be aware and educated on the types of scams and risks they are potentially exposed to – particularly through emails. They should also be reminded to check the sender name and domain to help ensure the email is legitimate, be mindful of odd or urgent requests (particularly for gift cards) from both internal and external stakeholders, and never download attachments or click on links that were unsolicited or from unfamiliar senders. At the business level, your organization should provide cybersecurity awareness training at regular intervals and establish policies and processes to enforce vigilance.
3. Identity protection for your employees is protection for your business.
When an employee’s identity is compromised, productivity takes a big hit (upwards of 150 hours’ worth of lost productivity!) as does morale and engagement. Additionally, your organization can incur a hefty financial expense to remedy the situation if the compromised employee data includes sensitive corporate data. In the 2019 Cost of a Data Breach Report, the Ponemon Institute calculated the cost of a breach for organizations with more than 25,000 employees to be an average of $204 per employee. For organizations between 500 and 1,000 employees, the cost jumped to $3,533 per employee. Investing in your employees’ identity protection efforts now can save your organization unexpected expenses later.
Providing your employees with comprehensive identity protection like Iris not only emphasizes your commitment to data protection, it also helps further your continual cybersecurity education mission. Iris comes equipped with a resource library and regularly shares tips and best practices with our partners as well as their employees. Additionally, in the event one of your employees falls victim to identity theft, Iris’ certified & compassionate Resolution Center is available 24/7 to help resolve their identity theft case, saving them (and your organization) days of potentially lost productivity.
Check out our ROI Calculator today to learn how much money and time offering Iris Identity & Cyber Protection Services as an employee benefit can save your organization.