If Your Employees Worked for Me, I Would Fire Them

I regularly meet with prospects whose poor cybersecurity scares me to death.

It can be tough to communicate cyber risks to a non-technical person. I get that.

Recently, I realized that the simplest way I can explain these risks is with one simple sentence:

If that person was my employee, they would be fired for that.

This isn’t being dramatic. This isn’t to say we’re running some draconian sweatshop where you can lose your job for the smallest thing. We literally have written policies banning dangerous cybersecurity practices and stating that violations are punishable by termination. We explain these to employees in-depth during training, so there’s no “But I didn’t know that wasn’t allowed!” These practices are just too risky to tolerate.

The Gap in Risk Perception

The point is: there is a HUGE gap between:

• Actual risk: Extremely high
• Perceived risk by the average non-technical business owner: Low or moderate

Examples of Fireable Cybersecurity Offenses

• Employees using their personal computer, over which we have no control, visibility, or security, to access sensitive company data. Fireable offense.
• Employees using their personal email (@gmail.com, etc.) for company business, or using their personal Google Drive, Dropbox, or whatever to store company data. Fireable offense.
• Employees storing all their passwords in an (unencrypted) text file, Word doc, or Excel sheet. Bonus points if the computer is in a public area and they don’t lock their screen when they go for lunch. Fireable offense.

Why Such a Severe Punishment?

Simple: Each of these poor practices represents a threat that can literally destroy our company, or at least cause irreversible reputational damage (which is ultimately the same thing).

Are These Risks Happening at Your Business?

Struggling to understand and manage the risks?
Contact Green Mountain IT Solutions today for a free consultation.