Administrative professionals typically do not have a great deal of authority to make big decisions. However, due to their very important job responsibilities, their access to personal and confidential data makes them a highly sought-after target for hackers, scammers and criminals looking to make bank in nefarious ways. Given that, here are some important things administrative professionals can do to ensure they are doing everything possible to protect their organization from a cybersecurity perspective.
Get Trained. If your organization does not already have some sort of IT security training and testing program in place, implore your management to do so. There are many benefits including creating a security focused culture, preventing downtime, protecting assets, and helping the firm be compliant. A robust training program includes periodic testing to keep security top of mind and help identify those staff members who need more guidance than others.
Be Wary. Always be on guard when someone—whether in person, on the phone or via email—asks for information about your staff or your organization. Cybercriminals target administrative staff to uncover minute morsels of detail that can help them spoof someone else into gaining their trust. Anytime an outsider or insider creates an undue sense of urgency for you to take some action, especially involving moving funds, beware! It is more than likely an attempt to exploit the firm. Additionally, be highly suspicious of any gifts or freebies from someone you do not know.
Use Security Software. While some security applications were seen as “extra” protection not so long ago, today they are considered table stakes. Password Managers securely keep track of the kinds of passwords needed these days—long, complicated strings of letters, numbers, and characters—and they can also generate sophisticated passwords on the fly. Two-Factor Authentication adds an additional layer of security by requiring more than just a password to get into a site or application. Digital Signatures provide authenticity and ensure that a signature is verified. Additionally, they offer tracking, auditing, and compliance benefits. Encryption of emails and computers is imperative across the board since administrative personnel correspond on behalf of C-Suite management. Updates to software and firmware from manufacturers are a security measure and should not be delayed or ignored. Be vigilant in your security posture!
Separate Personal and Business. Using a company-owned PC for personal business should be avoided as much as possible. Just one errant sinister link in a Facebook post might expose your network to something that could compromise it and allow sensitive data to be delivered to cybercrooks.
Administrative experts are entrusted with managing highly valuable information daily via meetings, phone calls, emails, calendars, etc. Therefore, they may be one of the greatest vulnerabilities in terms of staff roles when it comes to security. Since there is a corporate risk of exposure, administrative staff must take on the mantle of corporate security expert to ensure data is not compromised.