Cybersecurity Mistakes You Are Making at the Office

There are tons of cybersecurity mistakes we make every day. The subject itself is complex, and criminals are increasingly sophisticated. Given that the average time to detect a breach is over two months, you need to get to grips with securing your office and workspace right now. Security takes time, but from banning USB drives, to MFA, here are some valuable suggestions.

CC0 Licensed Image Courtesy of Unsplash

Not Hiring Expert Help

There’s no substitute for learning all you can and implementing a solid cybersecurity plan immediately. But there could be large gaps that need filling in ASAP. Services like Solutions 4 IT are primed excerpts in cybersecurity and IT systems. Professionals will work with you on a solid plan that you can execute right away and implement in stages moving forward. Over a short period, you will strengthen your defences against unwanted intrusion and improve detection.

Allowing the Use of Un-Encrypted Drives

Like human-to-human viruses, one of the easiest ways computer worms, trojans and other viruses spread is through flash drives. These can infect one and then all nodes on your office network. Alone, this can be a nightmare. But what if your employees are also using unencrypted drives? This means any company data is accessible to hackers using apps and scripts. If there isn’t a need for drives, disable them via Windows Group Policy and ban them from the office.

Cybersecurity Mistakes and Authentication

Further to passwords, you must implement modern authentication methods for accessing login systems. Usernames and passwords are no longer sufficient as hackers are more sophisticated and armed with complex tools. However, using only 2FA or MFA systems, you vastly reduce the chance of unauthorised entry to your computer systems. This is because there needs to be more than one method of verifying a login, usually to a user’s personal or workplace mobile.

Too Many Password Changes

There is a common misconception that changing passwords often is a secure defence. While it can be useful, it actually leaves you more vulnerable. The main reason is that your teams will forget their passwords much more often if you change them numerous times. And this means they will write them down on paper or leave them in things like self-sent emails and notepad files. A password should only really be changed if there is a reason to suspect they are compromised.

Failing to Educate Employees

Real cybersecurity begins with education. If your teams don’t know what to look for, they can never raise the alarm, especially not in time. As an employer or manager, the benefits of educating your staff about cybersecurity are massive, and even training in spotting phishing scams will be powerful because 90% of cyber-attacks are initiated through phishing. Phishing can start in an email, a phone call, or even direct face-to-face interaction in brazen attacks.


Failing to outsource IT and security is one of the biggest cybersecurity mistakes. Yet even changing passwords too often can compromise the intended security of them. And your efforts can be all for nothing if you don’t also educate your teams about common cyber attacks.