Give us a Call +1 (720) 515-1377

According to the Anti-Phishing Working Group (APWG), phishing attacks by cybercriminals are becoming more and more common. In fact, the APWG reported a 24% increase in phishing attacks worldwide from the first half to the second half of 2012, and an overall increase in attacks involving shared webhosting servers. These attacks, and others like them, pose a real and serious threat to organizations with any type of enterprise infrastructure, from on-premise ERP software to cloud and SaaS ERP systems.

Even if your organization already has fairly strong security measures in place to protect its ERP system, security can always be increased. This is especially true if employees are not yet educated on potential risks. Educating employees may be one of the most powerful security measures organizations can take to prevent email phishing attacks, confidentiality breaches and even cyber-attacks.

Employee training not only helps prevent common attacks but also creates a level of awareness and diligence that employees can learn to apply to every potential security situation they face at work.

Following are several tips for educating employees about organization-wide and system-wide security:

  1. Communicate your organization’s security goals so that employees understand the reasoning behind new policies and procedures. Put security risk in a context that directly relates to employees by explaining that a security breach affects not just data but the organization’s reputation and, ultimately, its ability to achieve business goals.
  2. Encourage employees to attend security training sessions and ask employees to sign confidentiality agreements. Similar to general ERP training, security training should be ongoing and supported by strong buy-in from executives.
  3. Share news about security breaches at other companies and use this as a teaching tool. Organizations may also choose to confidentially share general information about attempted attacks on their own ERP system. While stories can be strong motivators, be careful with how much detail you share because employees themselves can use this information to launch copycat attacks internally.
  4. Launch simulated phishing attacks to test employees’ current level of security knowledge and to grab their attention. After assessing employees’ responses, explain how they should respond to similar attacks.

Training employees on security procedures and encouraging them to remain alert is the responsibility of both managers and the IT department. If your organization is in the midst of an ERP implementation, the project team should be driving such efforts. If your organization is enjoying the bliss of post-implementation, you might have forgotten about organizational change management but here it is again! Are you surprised?

To learn more, check out some of our past blog posts: ERP Training Strategies, Protecting Your ERP System from Cyber-Crime and Cybercrime and ERP: How Vulnerable is Your Organization?

Posts You May Like:

(Technical) ERP Go-live Readiness Checklist

(Technical) ERP Go-live Readiness Checklist

After many months of meticulous planning, building and testing you may come to a point where you think to yourself, "We're ready for ERP go-live!" While it's easy to get caught up in the excitement of completing major milestones, it's important to be completely...

How to Achieve ERP Business Benefits

How to Achieve ERP Business Benefits

During ERP selection, companies typically see limitless possibilities in terms of potential improvements for their businesses. However, somewhere along the way, many projects fall short of expectations and ERP business benefits underwhelm executive expectations. In...

5 Customer Experience Transformation Tips

5 Customer Experience Transformation Tips

A great customer experience is not something that magically happens. It’s a mindset that’s built and reinforced by optimized processes and easy-to-use systems. In terms of optimized processes, we’re not just talking about customer-facing processes, as customer-facing...