How can my staff be safe online?

You can spend loads of money on security systems and fancy kit to be safe online, but we (people) are the weakest link. For example, you can install a super-duper CCTV system at your house. Then you can check everything online and on your phone, nice. Also, you can have an alarm system that connects to the Police, cool. Finally, you can have an anti-theft lock on your front door. You feel very secure now.

Although, when you leave the house, if you forgot to lock the door or if you leave the keys on the front garden, it all unravels. All your super-duper, expensive security systems are completely useless, right?

So, to be safe online is the same. You can buy and set up all the latest security systems for your company’s IT. However, if your users do silly things then it will be a waste of money. Remember, most of the successful cyber-attacks are through phishing and social engineering. They target people, not systems.

I’m not saying that you shouldn’t spend money on IT security systems. Of course, you should. You should have a good firewall, a good antivirus, a good spam filter for your emails, your server should be secured and you should make sure all your devices are always up-to-date with the latest security patches. But, you also need to be training your staff, make them aware of the risks and more important make them aware that they are the target, the weakest link.

Here you have 5 simple steps to help you and your staff to stay safe online:


 Passwords are one of the weakest, if not THE weakest spot in the whole field of online security. We are lazy and tend to choose the easiest password to remember. You know like “password” or “12345”, your name, your wife or your kid’s name. Well enough of that! Create complex passwords, with capital letters, numbers and special characters. Use password manager software to help you manage different and complex passwords. So, to be safe online follow these tips:

  • Don’t have the same password to everything, or worse to all your users!
  • Don’t save all users password on an Excel document, just because you may need to access their computer when they are on holiday or sick leave. Your IT provider can reset their password in 5 minutes.
  • Change your passwords regularly, don’t go nuts and change them every week. Once every 3 or 6 months is enough.
  • Don’t save your passwords on your browser.
  • Remember, don’t be lazy.

Click smart

As I mentioned, most of today’s online threats are based on phishing or social engineering. This is when you are tricked into clicking on or opening fraudulent links or web pages and you give away your personal or confidential information. So, before you click or open anything take some time to check it. Check if the email, link or web page is legitimate. Just because you received an email from your bank, don’t go straightway and click on the message links. These are a few tips that you can use to be safe online, although in doubts always contact your IT provider and ask for assistance. A few minutes can save you a lot of money and trouble.

  • Look at the email sender. It is really from your bank or does it have some strange words with the bank name on it?
  • Look at the email layout. Does it look professional? Is the English grammar a bit funny? Does the bank logo have poor graphic quality?
  • Hover the mouse over the links and look at the bottom of your browser to see if the link is right and it is not pointing to some strange location.

Safe browsing

 In the real world, you have nice neighbourhoods and not-so-nice neighbourhoods. You don’t walk alone in the dark in those ones, right? So, do the same to be safe online.

  • Look for the URL and check if the website is an HTTPS. The “S” means secure and these websites have an SSL certificate.
  • Again, look for misspellings or bad grammar on the URL, they could be copycats of legitimate websites.
  • If you are shopping online, before buying anything make sure you know the website is legitimate. Search for reviews, read some customers comments. Check if they have a physical address or which country are they operating. Don’t buy the latest iPhone for £100 from Nigeria!

Be careful with what you share

Social media is great, but people are sharing too much personal information nowadays. If some stranger approaches you in the street and asks if you are married and if you have kids, I’m sure you would not tell them. So, why do you do it online? Your professional contacts don’t need to know if you are married and have 3 kids. They need to know what are your skills and competencies. Be careful with who and what you share. Hence, make sure your privacy settings are on and set up properly to be safe online.


I know all of us have downloaded a movie or a song that we love. Look for streaming services instead, they are very competitive. If you need some sort of software, always download the trial/demo from the legitimate software producer. If you have a popup telling you that your computer is in danger and you need to install this fabulous software that will fix all your issues, be suspicious. Contact your IT provider for an opinion.


Basically, you should spend some money to ensure your IT system is secure and up-to-date. Your IT provider should take care of this for you. So, now you just need to make sure your users (people) don’t make silly mistakes. Training and awareness of your staff combined with a relevant IT policy is very important to avoid open loopholes in your IT security system. Share these tips with them.

If this article raises some concerns to you and you want a second opinion. Then contact us for a Free IT Audit here.