top of page
cedricdicesare8

Protecting your business is everyone's responsibility : cybersecurity essentials



Introduction: The importance of employee vigilance in cybersecurity


SMEs and medium-sized businesses are on the frontline of cyber threats. According to recent reports, nearly 67% of French SMEs and ETIs have experienced a cyberattack in recent years, with an average cost of 50,000 to 200,000 euros per incident. Most incidents are often linked to human error or careless behavior. Each employee plays a central role in cybersecurity, and this guide offers practical recommendations to strengthen the protection of information and systems, whether in the office, working remotely, or on the go.


Protect your credentials

Passwords are a cornerstone of security, yet they are often overlooked. Proper password management is essential to prevent unauthorized access.


Create unique and complex passwords

Combine uppercase and lowercase letters, numbers, and special characters. Choose passwords of at least 12 characters for each account.


Separate professional and personal passwords

Using different passwords for work and personal accounts reduces the risk of compromise between personal and professional environments.


Use a secure password manager

Store your credentials in a digital vault like KeePass rather than on insecure media (post-its, Excel files). These tools also allow you to manage complex passwords without memorizing them.


Never share your passwords

Keep your passwords strictly personal, even with colleagues and support staff.



Caution with removable storage devices

Removable devices such as USB keys are vectors for malware and intrusions. Even an inadvertently inserted USB key can compromise the company’s network security.


Avoid unauthorized USB/removal devices

Never insert USB drives of unknown or unapproved origin. Cybercriminals sometimes use infected devices to access company systems.


Limit their use

Whenever possible, opt for secure cloud storage solutions provided by the company.


Ideally, USB devices should be prohibited

Company policy may recommend or impose this ban to reduce the risk of malware introduction.



Protecting mobile devices while traveling

Laptops and phones are particularly vulnerable when traveling.


Avoid public wi-fi networks

Free Wi-Fi networks (hotspots), such as those in airports and cafes, can be hacked to intercept sensitive data. Use your phone as a secure hotspot or connect via a VPN.


Keep your devices under control

Whether in a public place or on the move, never leave your devices unattended.


Avoid working on sensitive documents in public

Use a privacy screen to prevent prying eyes.


Avoid public USB chargers

Charging stations in airports, cafes, or other public places can be compromised, exposing your devices to hacking risks. Instead, use your own charger and plug it directly into a secure power outlet.


Be wary of phishing and malware

Phishing attacks are frequent and dangerous for companies.


Be cautious with unexpected emails

Be wary of suspicious emails containing links or attachments, especially if they come from unknown senders.


Verify URLs and attachments

Before clicking a link or downloading a file, carefully verify the email’s authenticity. Links may redirect to malicious sites.


Avoid unapproved applications (shadow IT)

Using services not approved by the company (e.g., unauthorized Dropbox, Google Drive) exposes the company’s network to risks. Use only authorized applications.


Contact the person directly if in doubt

If an email seems suspicious, it’s best to verify by contacting the sender through another method before clicking or replying.



Equipment management and updates

Software updates are essential for patching security vulnerabilities.


Ensure all software is up to date

Enable automatic updates to get the latest protections against threats. Updates include critical security patches.


Install antivirus/EDR software and activate the firewall

Make sure your antivirus is up-to-date or EDR, and the firewall is active to enhance your protection against cyber threats.


Protection of sensitive documents

Managing sensitive information, whether digital or printed, is crucial.


Print only necessary documents

Limit printing and be sure to securely destroy paper documents after use.


Avoid storing sensitive documents locally

Especially when traveling, avoid copying sensitive documents to your device. If necessary, limit yourself to essential documents only.


Device management and secure information storage

A secure storage solution is essential to protect confidential information.


Do not use insecure media to store sensitive information

Avoid post-its or other unprotected media for noting down passwords.


Use a digital vault

Solutions like KeePass allow you to store passwords in a secure environment.



Be vigilant with online permissions

Many websites and applications request permissions to access drives, contacts, or even sensitive information.


Be careful with permissions

Before allowing access to your data, ensure the reliability of the site or application.


Don't upload sensitive data on unapproved sites

Use only company-approved sites and services for sharing or storing sensitive data.


Responding quickly in case of a security incident

Despite all precautions, incidents can still happen.


Report any incident or suspicious activity

Whether you notice unusual activity, compromise on your device, or a suspicious email, immediately notify the security team. A quick response can prevent a minor problem from becoming a major incident.



Conclusion: Cybersecurity, a collective responsibility

Cybersecurity doesn’t rely solely on company policies and solutions. It is also, and above all, the result of vigilant and responsible practices by every employee. By following these best practices, each person contributes to strengthening the company’s security.

Cybersecurity is everyone’s responsibility, and individual vigilance is essential to prevent cyberattacks.

7 views0 comments

Comments


bottom of page