You’ve heard about the ‘Pink Slip’ virus, haven’t you? For those who haven’t (or it’s been a few years and far too many news stories, political fodder, or work-related issues to focus on instead), let’s do a refresher.
An employee of a mid-sized company was feeling frustrated and tired at work. She decided to check her email (this happened to be work-related, but it wouldn’t have made any difference in the world if it was personal) and saw a subject heading: Grab the Career You’ll LOVE!
It was the perfect combination of timing and attention-grabbing subject line that would then propel her company into a major world of hurt. She clicked on the link promising an incredible opportunity (including a serious salary boost) and downloaded a malicious virus -not just to her workstation, but to the entire network.
Every computer and system in the company was quickly infected and the virus caused tremendous damage to their data files and network. It wasn’t hard to figure out who had opened and downloaded the virus, and seeing the subject line made it clear she wasn’t even happy working for them. Could it have been deliberate? Possibly, but in this case, it wasn’t.
Many Employees Are Simply Naive About Viruses and Malware
Ask the average employee in most companies across the country about malware and viruses and you’ll receive stock, superficial answers. “They’re bad.” “They can damage your computer.” “Oh, I don’t know, I just run those programs (to keep them safe).”
People in the know understand antivirus programs are not foolproof and often lag behind the hackers and programmers creating malicious programs. They understand it’s absolutely critical to remain diligent in protecting computers (including desktop, laptop, tablets, smartphones, servers, etc.) and avoid certain ‘risky’ behaviors.
What Happens If Your Team Members Fail to Be Responsible?
Even if a company has its own IT team, they’re likely only one or two people. That’s not nearly enough to stay on top of the endless stream of malware that comes through websites, let alone viruses’ people unwittingly welcome into their computer systems (and, ultimately, the entire network).
Customer information can be stolen. Secret company files can be swiped. Files and documents can be erased. Entire computer systems can be completely devastated, even to the point of the hard drives and component boards being destroyed.
It can cost a small business thousands of dollars, a larger company millions, and it has the potential to completely wipe out some. It’s a serious risk, so what can be done to help limit the risk?
1. Close all loopholes.
When it comes to employee handbooks and policies, business leaders may wish to enact a strict policy against personal emails and surfing the Internet. Not easy to enforce (especially accessing the Internet, since it’s one thing that almost all employees will have to do at some point during the day), but crucial to be put into writing.
If one employee assumes he can circumvent the rules and just ‘check personal email quick,’ whose to say others won’t? Be firm and anyone who violates the policy must face the same discipline as anyone else might.
2. Educate your team members.
Some viruses and malware can attack by simply clicking a link. Other hackers are conducting phishing scams, trying to get people to enter their personal account information on what they think is their legitimate banking institution’s website.
Providing regular newsletters, sessions, and even seminars can empower them to avoid clicking on links from ‘suspicious’ emails.
3. Hold employees accountable for damages.
The longer you’re in business, the more you’ll run into the prototypical person who wants to ‘fix it themselves.’ This drives IT pros absolutely crazy!
Most of the time, these “do-it-themselfers” do more damage to their computer, possibly the network, and their productivity than they ever solve. Make sure even if it seems like a simple solution to fix a slow running computer that they turn to the IT professionals. If an employee understands he or she will be responsible for anything that goes wrong (ie., tapping into the computer’s registry trying to provide a fix to some platform).
4. Don’t accept the ‘antivirus programs slow the computer down’ excuse.
Yes, it can. Some antivirus programs will chew up RAM (working memory), causing other programs to run slower. That’s no excuse for disabling them.
Ensure that all team members understand the importance and value of keeping antivirus programs running at all times. It someone is truly hampered by a slow running system (such as a graphic designer or video editor on your staff), then it may be time to upgrade, at least the RAM, if possible.
5. Stay on top of your employees’ goings on at work.
It’s not a Constitutional issue, despite what some disgruntled workers may claim. Consult your attorney if you want verification. As a private business owner, you have every right to have access to all computer files, systems, and history on your devices. You don’t have the right to access their smartphones, tablets, or own laptops unless they are accessing your company’s private network.
As such, review what your employees are doing. If there are team members checking out social media, nefarious websites, or even personal email on your devices and/or system, deal with it directly. And firmly.
The bottom line is that your business is too important to allow careless or even belligerent employees cause potentially millions of dollars in damage because they don’t care or know enough about viruses and malware. Stay on top of it all and you’ll better protect your company.