Here’s How to Get Staff Onboard with Security Policies

As a business owner, it’s easy to miss the days of BlackBerry. Everyone had the same device, the same applications, and the same security needs. Now, with most companies adopting BYOD practices, this uniformity is gone, taking the security solutions of old along with it.

While the diversity of devices and apps is wonderful for employees, convincing them to adopt new security practices can be headache-inducing. There are multiple ways you might be able to persuade or even force new security measures on your employees — some more effective than others — but the best way to get your employees to adopt these new methods comes down to one simple maxim: Make it easy.

Convenience and security go hand in hand
It’s important to remember that your employees are, above all, consumers — especially when it comes to devices and computing.

Back in the day, cumbersome security measures were just another part of the job. Now, however, they’ve been spoiled with fast, intuitive, and useful tools that they’ve chosen based on their value and cool factor. So it only makes sense that they expect similar convenience from their workplace applications.

When you’re working behind the scenes of security, it’s easy to ignore the convenience factor. (After all, secure is secure, right?) But the more complex or difficult your measures are, the more likely it is that people will try to find shortcuts. It’s why 43 percent of business leaders believe that the greatest threat to security is a negligent insider.

Most employees’ main concern is never security — and why should it be? They have their job to do and a limited amount of time to do it. If that means ignoring prescribed security practices, then so be it. You can fight this trend, or you can find ways to make security more convenient. The choice is yours.

Create a secure and convenient work environment
Behind every security practice should be the question: Is this the best solution for my employees? By keeping this top of mind, you can get a better idea of what your employees might struggle with. The ideal policy will be a cohesive mixture of security, convenience, and cost-effectiveness for both your company and your employees.

However, there are a few best practices you can apply to make security easier:

1. Train your team. You already know that training your employees is a vital step to ensuring that they’re following security protocols. But teaching them how to be secure in their personal lives is equally important.

When an employee’s personal accounts are breached, it creates a possible entry point to your business. By helping employees secure both their personal and work lives, you’ll diminish this risk. Train employees on cybercriminal tactics so they can detect any suspicious behavior and stop it in its tracks. Help them understand both the business and personal risks, and your employees will be more likely to adopt best practices.

2. Add a second security gate to your logins. Only about 35 percent of people remember advanced or strong passwords. What’s more, 30 percent write their passwords down and hide them somewhere that anyone can access, such as a desk drawer.

It might seem inconvenient initially, but adding a second step with two-factor authentication allows you to rely less on your employees’ memories. This way, people with simple passwords or ones that have been written down and taped to monitors no longer pose a major security threat. However, those practices should still be discouraged.

3. Take some of the security burden off your team. Choose a cloud vendor with strict privacy policies and secure services to benefit both you and your employees. When selecting a vendor, make sure you know where your data will be stored, who will have access to it, and what their security standards and breach notification policies entail. Perform due diligence on the applications your employees use, and if they don’t meet the company standards, curate multiple apps that fill that same need for employees to choose from. Empower employees; don’t limit them.

Cloud resources are used for their utility and convenience, but a provider can also be a trusted partner in helping you and your employees manage logins and access to data.

Security practices shouldn’t work against your employees, and they don’t have to. We’re entering a new era of “bring your own everything.” Rather than hindering this progress, businesses need to embrace it. By focusing on convenience when setting up your security standards, you can create an environment where security is just another part of daily processes —not an obstruction to getting the job done.