A digital footprint is generally considered as an individual’s concern. However, with employees accessing emails, other company data and information on their personal devices, it has also become an employer’s concern due to the sensitive nature of the company data. More so when telecommuting is the new normal due to the COVID-19 pandemic.
The digital footprints of your employees can be a huge company risk if it falls into the hands of cybercriminals. In today’s digital world and ‘Bring Your Own Device’ culture with ubiquitous Internet access, employers and employees face a ‘double-edged sword’ of technological progress and digital transformation. Every interaction or engagement on the internet creates a footprint giving hackers and cyber criminals an opportunity to trace it and carry out their nefarious designs.
Most organizations don’t have any mechanism or tools in place to monitor and manage their employee’s digital footprint. A big company has thousands of employees carrying their own smartphones, social media accounts, servers, IP ranges, databases, repositories, and other web-connected assets.
Even though both companies and their staff try to separate their personal and professional digital engagements, but the nature of the technology often blurs the line and contributes to the digital footprint wherein sensitive information of both merges. We have seen many instances of cyber-attacks wherein employees were targeted to get sensitive data from their organization.
Consider this, your employees must be providing personal details like birthday, phone number, home address and in some cases Social Security Number etc., online for one purpose or other. Every time they fill a form online providing these details, a digital footprint is created which can be accessed by hackers. This information, combined with Dark Web resources, may give an opportunity to hackers to impersonate your employee, obtain their corporate identity and access your organization’s systems and databases that he/her has access to. And this scenario is not an exception but an everyday reality. The breadcrumbs we leave digitally makes it easy for cybercriminals to bypass security mechanisms and hack corporate assets.
Most companies today force stricter strong security policies; however, it is very difficult to control the behavior of your employees. Some may unintentionally be providing breadcrumbs to cybercriminals and that’s why companies need to find ways to help their employees manage their digital footprint so that hackers can’t leverage it to break into corporate data. An effective mechanism to protect and clean digital footprint consists of 2 parts.
- Helping your employee clean their digital footprint
- Strengthening and strictly enforcing corporate policy
Gemini Consulting & Services can help you protect your employees and enterprise’s digital footprint. Our team of cyber security experts and software developers can review your digital footprint, suggest ways to clean it and provide tools to monitor it. Click here to know how we can help you protect your enterprise data.
Here are a few tips for your employees to clean their digital footprint.
- Search Their Names Online: Ask them to make a Google search with their name and review the results. Do they find any key personal or company detail in any of the results? If there’s anything that is sensitive information, they must contact the website administrator to take it down.
- Check Privacy Settings: Advise them to check on the privacy settings of the website or social media channels they visit. Most of the websites today offer you to opt out from tracking your browsing details or storing any data. Ask your employees to opt out of it.
- Create Stronger Passwords: Most of us create easy-to-remember passwords using our name, pet name, birthday and anniversary date etc., which is easy to guess and hence not safe. Ask them to create long passwords combining characters, numbers, lower and uppercase etc.
- Review and Update Security Software: Advise them to review security software on their device and update it or install a new one if required.
- Share Sensitive Information Cautiously: Ask your employees not to share personal or company details like employee id, email passwords and other information on phone/email/messenger etc., to other people including colleagues.
Most organizations have corporate policy on online behavior of employees which is shared with employees when they join a company. But sadly, there’s not enough monitoring on whether the employees are following it or not. So, build a mechanism to check if your employees are following the corporate policy.
Also continuously review your enterprise digital footprint and security mechanism to see if any sensitive detail is available in the web.