Are employees the weakest link in your cyber security?

Chloe Edison

Jun 23, 2022

9 min read

Any organization’s most valuable asset is its data, and safekeeping this data becomes their number one concern. British mathematician Clive Humby rightly coined the phrase “Data is the new Oil”, as data is proving to be what every field, every organization is thriving on. The value of data has officially surpassed that of gold, oil or any other resource you can think of. Just like with every prized possession, there’s always a bunch of eyes prying on data, networks, computers and mobile devices, waiting to get their hands on it and use it to their advantage. This is where cyber security comes in, becomes of key importance in any organization, and with time, the question whether employees are the weakest link in cybersecurity arises.

A cyber-attack can disrupt the smooth flowing system entirely. It can cost the organization its financial stability, reputation amongst its clients as well as run into legal trouble. But there is a catch, cyber security is not just in the hands of one or two people. It lies at the fingertips of each employee who has access to the organization’s data. This makes cyber security a hefty task and employees the most accessible way-in for cybercriminals.

What makes employees an easy target?

No matter how informed or aware someone is, it is only human to have a moment of weakness, lose focus once in a while or make a poor decision. This is exactly what the attackers take advantage of, this very human instinct. Annual presentations and sessions on cyber security may not be as effective as one would hope for. Updated methods and strategies of securing devices and data they are responsible for should be provided to the employees along with a clear picture of the repercussions their lack of concern and attention could cause.

Although, that alone won’t suffice. More often than not, it may seem like the very same people, when it comes to their own devices or personal information, are at least a tad bit more careful. And that is on the organization; it is in the hands of the authorities to make each employee feel like they are dealing with something important and personal, when handling official business. The employees need to feel a sense of ownership; that they’re not mere pawns in the system and that anything that affects the organization could affect them too. The weakest link in cyber security could be the employees, but the atmosphere they work in and their frame-of-mind need to be thoroughly contemplated.

Where do employees stumble?

Employee protecting device with strong password

In today’s day and age, working remotely has become the norm; especially owing to the pandemic. It has also become popular culture to carry one’s device everywhere they go, work from a café, library or a park. With remote work comes the risk of connecting devices to unmanaged, unsecured networks.

There are a lot of ways in which devices connected to public Wi-Fi can be attacked.

  • Man in the Middle Attack – Instead of data being discretely shared between two devices, a third party interferes and can modify the data being transferred to their own advantage.
  • Evil Twin – All they have to do is set up a connection with the same SSID and wait for an innocent soul to click and join the network. Every piece of data shared from that moment goes via the hacker. It’s frightening how easy the whole process seems, isn’t it?
  • Dragon blood – WPA3, the latest implementation of the Wi-Fi Protected Access security standard, was launched with the intention of making it impossible to crack the password of a network using the Dragonfly handshake. But the mastermind cyber attackers have found a way around WPA3 too; especially if the employees are browsing HTTP sites instead of HTTPS, it makes their job that much simpler.

Key Reinstallation Attack, Packet Sniffing, Side jacking, Shoulder Surfing are other common methods of utilizing public networks to hack into devices. As amusing as these names may be, their effect on an organization is nothing short of dangerous.

Other factors that lead to cyber-attacks

BYOD (Bring Your Own Device) is another sought after practice. When using the same device for personal and professional purposes, the flow of data between the two poses a security threat on both fronts. Sometimes, employees may not bother to even set a strong password for the device or to steer clear of applications from unknown sources, attachments or links in emails from unknown senders. Also, when working from home or any remote place, chances of the employee being accompanied by a friend and them using the device exist. And if they are ignorant of the importance of cyber security, the possibility of a security breach is escalated even further.

An important factor that most people are blissfully unaware of is the Digital Footprint. Digital Footprint, the term being quite self-explanatory, is the footprint made on the digital space; the trace one leaves behind when they’re using the internet; which website they’ve been on, for how long, the data they’ve left behind, everything. As a generation that basically lives online, the amount of data created and left behind will only increase and this opens countless doors for cyber-attackers out there.

The concept of Internet of Things further adds to this madness. So many devices connected to the internet simultaneously does make our lives easier, but with every boon comes a bane. Today’s best estimates suggest that roughly 2.5 quintillion bytes of data are generated each day. That’s 2.5 followed by eighteen big fat zeros, for perspective. Internet being the big black hole that it is, there is only so much an individual can do to keep themselves from falling into a cyber trap.

Apart from all these scenarios, the ill-intentional leakage of confidential data by employees is also a dangerous case. A disloyal employee, also called a turn-cloak, abusing an organization’s data for personal or financial gains, continues to be one of the biggest risks when it comes to cyber security.

What can be done to keep employees from falling prey to these attacks?

It is of prime importance to keep the employees on their toes at all times; but of course, there are limitations. It’s possibly the single most difficult task on earth, to give directions to human beings and get them to follow them to the dot. Hence, it becomes essential to find a way to maintain a constant watch over the organization’s devices without compromising the employees’ work efficiency or their privacy.

Featured Resource

Building a cybersecurity framework for your enterprise

A cybersecurity framework consists of the best practices organizations can implement to manage all risks found within the scope of their business activities. Read this guide to get more insights on building the right cybersecurity framework for your organization.

Download Guide

Using a UEM solution like Hexnode is the most viable way of doing so. Hexnode provides a bunch of features to keep the device safe from cyber-attacks, and also ways to tackle an attack if ever faced with one. Some of them are:

  • Passcodes and the rules to be followed while creating one can be made mandatory. The passcode age, history and other factors can also be specified, providing additional security.
  • Wi-Fi can be configured and restrictions set such that the devices can connect only to the managed Wi-Fi networks. Thereby dismissing the risk of connecting to public, unsecure Wi-Fi.
  • VPN configurations make sure that data is transmitted through a secure tunnel by encrypting it and also provides the additional security of hiding the IP address and location of the users. If the employee is working remotely and poses the risk of connecting to public Wi-Fi, deploying a VPN configuration to the device would be ideal.
  • In case of a device being stolen or lost, Lost Mode can be activated, which locks the device instantly and can be accessed only if the passcode is entered or if the lost mode is deactivated from the UEM portal. The device can also be remotely wiped in such cases if deemed necessary.
  • Geofencing, which basically creates a virtual geographical boundary, will trigger an alert if device goes beyond the allocated fence and cause it to be marked as non-compliant. This feature along with location scan, most often than not provides sufficient information to track a device down if misplaced or stolen.
  • For Android-using employees using their own device for work can enroll the device using Android Enterprise method in the Profile Owner Mode; which basically creates a separate container for the work profile and uses the Hexnode for Work application. This makes sure that there is no flow of data between the personal and work profiles; if the restrictions have been set so.
  • Firewall, which is a barrier between your device and the internet, can be enabled. Similarly, File Vault can be used on macOS and BitLocker on Windows to encrypt the entire disk. Data and files can be accessed only on password authentication.
  • Blacklisting/Whitelisting apps can block unnecessary or harmful applications, giving access only to safe applications or those that would be required for work. Web Content Filtering blocks access to unnecessary websites, hence closing a lot of doors through which bad actors can attack the employees’ devices.
  • App Configurations can be used to configure internet browsers and email applications like Outlook and Gmail to prevent attacks via harmful websites or spam emails.
  • Data backup and OS updates can be automated from the UEM portal at regular intervals. Even if the employee doesn’t pay too much attention to making sure that the device is operating at its optimum efficiency, the organization will always have a record and at least basic control on each of their devices’ current state.
  • In order to tackle the risk of insider threats, an option to restrict any medium of data sharing is available. Whether it be blocking AirDrop in macOS, disabling Bluetooth or NFC or giving access only to recognized external media and storage devices. It can also be further narrowed down to giving access only after authentication and read-only permissions. Limiting outgoing emails, access to apps, websites and links are other options. These restrictions can be customized according to the device being used and the situation at hand.

How does UEM help address the insider threat risks?

So, are employees really the weakest link in cyber security?

At a quick glance, it very well might seem so. In a world full of computers and machines, employees may come across as the weakest links in cyber security and easiest targets to attack. But they could be assets with the most potential when equipped with the finest tools and guided duly. Employees are, after all, the pillars of strength that hold any organization together and there isn’t anything that can’t be achieved when minds that want to make a difference come together, even cyber security.


Chloe Edison

The voices in my head need an escape, and hence I write.

Share your thoughts