{"id":21049,"date":"2021-05-20T00:00:22","date_gmt":"2021-05-20T00:00:22","guid":{"rendered":"https:\/\/exigotech.com.au\/?p=21049"},"modified":"2023-08-28T09:16:02","modified_gmt":"2023-08-28T09:16:02","slug":"tips-from-a-microsoft-security-solutions-provider-to-build-a-people-centric-security-culture","status":"publish","type":"post","link":"https:\/\/exigotech.co\/sg\/blog\/tips-from-a-microsoft-security-solutions-provider-to-build-a-people-centric-security-culture","title":{"rendered":"Tips from a Microsoft Security Solutions Provider to Build a People-centric Security Culture"},"content":{"rendered":"<p>A report by\u00a0<strong><a href=\"https:\/\/www.accc.gov.au\/consumers\/protecting-yourself\/scams\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Australian Competition and Consumer\u2019s Commission\u00a0Scamwatch<\/a><\/strong>\u00a0states that Australians lost\u00a0over\u00a0$34.28 million\u00a0due to email phishing attacks in 2020. $48.08 million were lost due to illegitimate phone calls. The most alarming part in both these statistics is that the bad actors have somewhat moved past attacking your\u00a0organisation\u2019s\u00a0security cover by finding loopholes in applications or software platforms. They now\u00a0lure your employees into clicking links that would give hackers access to your technology stack.\u00a0Provided that your employees are mostly unaware of the consequences when they click on an illegitimate email or link, the\u00a0situation\u00a0is\u00a0grave. To\u00a0help you avoid this situation, you can partner with a pioneer Microsoft <a href=\"https:\/\/exigotech.co\/au\/blog\/a-brief-note-on-how-exigo-tech-heightens-security-levels-of-your-endpoints-as-your-managed-security-solutions-provider\"><strong>Security solutions provider<\/strong><\/a> like us.<\/p>\n<p>While working with people\u00a0who have been\u00a0playing various roles in\u00a0different\u00a0organisations\u00a0for years, I have\u00a0concluded\u00a0that there are certain commonalities in human\u00a0behaviour.\u00a0The one prevalent notion is that employees believe that their actions don\u2019t generate an impact as far as cyber security is concerned.\u00a0Therefore, it\u00a0is the employer\u2019s job to correct them and connect with them to explain that one action can result in a breach.\u00a0We, your Microsoft security solutions provider, join hands with you to educate your\u00a0employees\u00a0about the checkpoints they should verify before clicking on any link.<\/p>\n<p>From my treasure trove of experience, I am enlisting certain tips that any\u00a0organisation\u00a0can use\u00a0to enable and empower their professionals to not fall prey to any phishing emails or phone calls. <img decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/exigotech.co\/wp-content\/uploads\/2021\/05\/Microsoft-Security-Solutions-Provider1.jpg\" alt=\"Microsoft Security Solutions Provider1 \u2013 Exigo Tech \" width=\"940\" height=\"440\" \/><\/p>\n<ul>\n<li>\n<h3>Improve the Engagement Quotient of Your Security Training Sessions<\/h3>\n<\/li>\n<\/ul>\n<p>Try\u00a0to\u00a0include components and concepts\u00a0that\u00a0intrigue people and are easy for them to understand and apply\u00a0the same in their routine operations.<\/p>\n<ul>\n<li>\n<h3>Invest in User-friendly Technology Solutions<\/h3>\n<\/li>\n<\/ul>\n<p>Liaise with a Microsoft technology solutions provider to invest in applications\u00a0that shorten the employee authentication\u00a0process. For example, it is not feasible for your employee to remember a\u00a0password of\u00a015\u00a0characters\u00a0that is inclusive of\u00a0special characters and\u00a0alphanumerics. Not only the employees\u00a0find it difficult to\u00a0enter\u00a0credentials\u00a0every time\u00a0they\u00a0want to\u00a0access an application,\u00a0but\u00a0the procedure consumes\u00a0their productive time\u00a0too. Therefore, look for smart and effective solutions such as <strong><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/au\/solutions\/passwordless-authentication#office-CustomSpacingTemplate-gpzdkk1\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">passwordless<\/a><\/strong> authentication for Microsoft Entra ID.<\/p>\n<ul>\n<li>\n<h3>Inform your Employees about a Cyber-security\u00a0Breach<\/h3>\n<\/li>\n<\/ul>\n<p>Be transparent and encourage communication about any security breach in your\u00a0organisation. Instead\u00a0of keeping the incident in wraps, use it as an opportunity to train your employees about\u00a0<strong><a href=\"https:\/\/exigotech.co\/au\/services\/security\">security<\/a><\/strong>\u00a0with a real scenario.\u00a0Certainly,\u00a0don\u2019t\u00a0shame your employees by revealing who clicked on the illegitimate link, but adopt a subtle approach as raising awareness is important as people are your first line of\u00a0defence.<\/p>\n<ul>\n<li>\n<h3>Educate the Employees\u00a0About Phishing Links<\/h3>\n<\/li>\n<\/ul>\n<p>With\u00a0the\u00a0working from anywhere culture becoming rampant, the chances of people clicking on inappropriate links increases. Direct your IT professionals or your Microsoft security solutions provider to apply an extra layer of security\u00a0at risky sites.<\/p>\n<ul>\n<li>\n<h3>Conduct Training to Educate Not to Meet Compliance<\/h3>\n<\/li>\n<\/ul>\n<p>Foster a mindset wherein people attend security training sessions to become aware and upgrade themselves.\u00a0Conducting a refresher course after a breach is\u00a0a\u00a0must even if\u00a0the\u00a0victim was\u00a0another\u00a0organisation. I do understand that\u00a0arranging an engaging session might be heavy on your\u00a0pocket,\u00a0but informed employees can save the entire\u00a0organisation\u00a0from any breach and as they say, prevention is always better than cure.<\/p>\n<ul>\n<li>\n<h3>Set a Pattern to Repeat Cyber-security Training\u00a0Sessions<\/h3>\n<\/li>\n<\/ul>\n<p>Instruct your Microsoft security solutions provider to equip you with\u00a0<strong><a href=\"https:\/\/exigotech.co\/au\/services\/business-applications\/microsoft-sharepoint\">sharepoint solutions<\/a><\/strong>\u00a0that allows you to broadcast security related podcasts, videos, news and other interesting collateral in your company.\u00a0Talk about every breach, highlight every incident and discuss how careful\u00a0your employees\u00a0need to be while accessing the\u00a0company\u2019s network from their own\u00a0or corporate\u00a0devices. Cyber-security includes many aspects and hence talking about it might\u00a0intimidate the\u00a0employees,\u00a0but communication is the key\u00a0to survival.<\/p>\n<h2><strong>Every Endpoint is On the Hacker\u2019s Radar<\/strong><\/h2>\n<p>With many machines now being a part of an\u00a0organisation\u2019s\u00a0technology surface, it is time to foster a culture of healthy suspicion.\u00a0I do understand that when your\u00a0confidential data\u00a0is accessed from devices you don\u2019t monitor\u00a0or\u00a0the networks\u00a0you don\u2019t manage,\u00a0managing security becomes a typical ball game, but the\u00a0price of a breach outweighs the efforts you make keeping an eagle\u2019s eye on your systems.<\/p>\n<p>Driving cultural change across any\u00a0organisation\u00a0is not the responsibility of\u00a0only\u00a0the technology director. All the C-suite employees have their parts to\u00a0play\u00a0and effective and engaging communication is the starting point.\u00a0You can\u00a0<a href=\"\/contact\"><strong>reach out<\/strong><\/a> to us on <a href=\"tel:1300 394 468\"><strong>1300 EXIGOTECH (394 468)<\/strong><\/a>\u00a0to get assistance from\u00a0a\u00a0leading Microsoft security solutions provider in\u00a0deploying solutions that tightens your security stance and\u00a0encourage\u00a0your employees to\u00a0foster a security aware culture.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A report by\u00a0Australian Competition and Consumer\u2019s Commission\u00a0Scamwatch\u00a0states that Australians lost\u00a0over\u00a0$34.28 million\u00a0due to email phishing attacks in 2020. $48.08 million were&#8230;<\/p>\n","protected":false},"author":6,"featured_media":48518,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"categories":[20,16],"tags":[234,235],"class_list":["post-21049","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-suite","category-security","tag-microsoft-security-solutions","tag-microsoft-security-solutions-provider"],"acf":[],"_links":{"self":[{"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/posts\/21049","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/comments?post=21049"}],"version-history":[{"count":3,"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/posts\/21049\/revisions"}],"predecessor-version":[{"id":58314,"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/posts\/21049\/revisions\/58314"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/media\/48518"}],"wp:attachment":[{"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/media?parent=21049"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/categories?post=21049"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exigotech.co\/sg\/wp-json\/wp\/v2\/tags?post=21049"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}