Privacy fatigue. It sounds like an existential crisis in a middle-aged relationship. But it’s not.

The phenomenon of “Privacy Fatigue” is the feeling many get from the endless cookie approvals, security warnings and “Are you sure you want to install this program?”. A fatigue that eventually has a greater impact on people’s computer behaviour than the warnings themselves, and than the admonitory words of the IT Manager’s latest security review.

Your colleagues are just doing their job

Before you put your head in your hands because another employee is jumping on the phishing hook, remind yourself that the employees rarely do it with malicious intent.

Your colleagues outside the IT department (yes, and also within the department) are concerned about their own work and doing it as efficiently and as well as possible.

It’s no wonder that the employees  download unauthenticated third-party programs that improve their workflow, nor is it strange that they do not always read the security warnings, but simply press “Accept”.

In other words, it’s not because of ill will that your colleagues forget the security presentation you held in the canteen two months ago, but because they are busy solving the tasks for which they are employed.

Security Nudging – the user-friendly approach to security

With the old familiar methods, your IT department is about to lose the security battle. People are and remain the weakest link in the security chain, and if you don’t manage to change their IT behaviour, you expose your company to a major security threat.

Fortunately, there is a solution: You can start thinking in terms of “nudging” strategies.

Nudges: are a way of influencing people to choose to make the right choice when they are in the situation. Nudges can be in the form of timely, friendly reminders of the “good” decisions, and this may involve making the “wrong” decisions difficult.

A nudge must not be an inconvenience

However, a nudge must not stand in the way of your colleagues being efficient. To introduce new habits, you need to understand the compromises and takeoffsthat employees make in order to incorporate them. Therefore, new habits and procedures must maintain or improve the efficiency of your colleagues’ workflows.

Although the required research, consideration and work to introduce a nudge may seem overwhelming, you will often be able to get significant and measurable improvements when a well-thought-out security nudge is introduced.

Try these security nudges first

Some security nudges require extensive preparation, and others are both simple and inexpensive to implement. Here you have three ideas for nudges that will increase your IT security from day one:

#1 Lock Screen nudge

It’s hard to get used to locking your screen when you leave it. In many companies, the cure is that cool colleagues switch the unlocked computer to a Justin Bieber theme. Fun, but also with the risk that the Support department must help the person in distress.

Instead, try printing reminders at the bottom of your coffee cups so that employees are reminded to lock the computer just before they go for a refill.

Also, try to keep statistics on how many people remember to lock their screen. Display the “score” of the day in the canteen, and so put positive social pressure on the forgetful.

Also, remember to auto-lock computers when employees are inactive. Find a time interval that balances the security risk with the irritation of a screen locking merely with a 2-minute conversation across the desk.

#2 Avoid phishing nudge

The first step to avoiding phishing e-mails is, of course, a good spam filter. If junk e-mails still find their way through the wall, the next line of defence is the employees themselves.

Try setting up a “warning” that pops up if an employee clicks a link from an unknown sender. Instead of a traditional warning, try writing:

Hi, Tony!

We don’t know “xxx@hackermail.com” and therefore we are hesitant to open the security door.

Do you know the sender well enough for you to let him in without security checks?

Button 1: Do a security check first

Button 2: xxx@hackermail.com is welcome

If your colleague clicks on “Do a security check”, then it must be quick. Remember that your colleagues would like to be efficient with the work they are doing. Therefore, if possible, the security check must be automatic so that your colleague gets the response immediately and knows if the link is safe or not.

#3 Nudge with a security post box

A classic hacker trick is to leave USB sticks with your company’s logo outside of your building.

When a friendly colleague finds the USB stick and wants to return it to the right owner, the threat arises: The USB stick is plugged into a computer to find the owner, and the hacker now has access to your system.

The problem with this behaviour is that it’s done with the best intent, and the action is therefore difficult to prevent.

So, try to place a red post box right at the entrance, so that any USB sticks, mobile phones, and other hardware that employees might find can be handed in.

This makes it even easier for employees to be helpful, and ensures that uninvited USB sticks are destroyed and that harmless, mislaid USB sticks are returned to the right people.

Bonus tip: Say thank you!

It sounds elemental, but a simple “thank you” is actually an effective way to keep your colleagues’ focus on secure IT behaviour.

So, when your colleague reports a security threat or remembers to lock their screen, then please say thank you!

Thank them for making your work easier because they secure the company’s data and because they have made an effort.

It can be a thank you e-mail when they contact support, or even better: A handwritten note or a personal “thank you” when you meet them in the corridor. The more personal, the greater the behavioural change you will see.

So, the next time you have to introduce new security procedures, then keep in mind that no one reads your code of conduct and that nobody remembers a security presentation when they are busy.

Instead, help your colleagues remember IT security when it’s most relevant, i.e. when they leave their desk, receive a foreign e-mail or find a USB stick in the car park.

Read more about Shadow IT

Download the free Whitepaper

 

"From operations to strategy"

 

You’re very likely facing this every day—a requirement for increased automation throughout the organization in order to raise competitiveness and also increase user satisfaction. That’s a difficult balancing act, and only few people succeed.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download the free Whitepaper regarding Digital Employee Analytics

 

"Employees are (also) the real success factor in the digital era"

 

In today’s digital world, employees build their careers on the ever-changing opportunities presented to them. So, competitiveness requires more from companies than ever before — you need to present your corporation as attractive as possible to existing as well as future employees.

Therefore, you need to incorporate the Employee Experience, which includes all aspects of the relation between the employee and the employer.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download the free Whitepaper

 

"How to select the right software provider"

 

Software providers abound, and very likely they will call you again and again wanting to present their solutions.

CapaSystems has made a brief guide with concrete advice on what you need to be aware of when you contemplate switching software providers or wish to integrate a new system in your organization.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download a free Whitepaper regarding the CIOs role in the future

 

"CIO as business developer"

 

It is crucial that businesses’ CIOs are able to identify, select and evaluate the IT services that provide maximum insight and increase growth and productivity. That requires tools that provide up-to-date operational insight into services’ functionality and stability.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

User Experience

Download free whitepaper regarding performance issues and end user simulation

 

"Solve your performance issues with end user simulation"

 

A recent study showed that Danish employees waste an average of 144 hours a year on slow computers. To a company of 500 employees, that is hundreds of thousands of Danish kroner. This whitepaper describes how you can minimise waiting time by having your IT provider comply with your service agreements.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download free Whitepaper from CapaSystems regarding performance issues and how to awoid wasting time

 

"Analyze infrastructure and use time efficiently"

 

Performance problems and long login times can easily cost businesses and organizations time that corresponds to several full-time jobs every year. It can be hard to identify the roots of the problems with traditional solutions.

End-user performance monitoring, however, provides an overview that covers the entire infra-structure – from end users to network and server applications. That provides an accurate, factual basis for correcting current problems and for nipping future problems in the bud.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download free whitepaper regarding BYOD

 

"Bring Your Own Device?"

 

Mix of personal and business applications on same IT devices makes IT departments worry.

But what about the security of your company in this universe of personal and business apps provided by a Bring Your Own Device (BYOD) culture?

 

 

 

Download the white paper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download free whitepaper regardingShadow IT

 

"Cast new light on Shadow-IT"

 

It’s a challenge when employees and business units purchase technology and IT services without involving the IT department. You easily lose perspective of finances, agreements and where important information is located –and if you’re not able to name who’s responsible for support from day one, a service outage risks being interpreted as internal trouble, even though the IT department has nothing to do with it.

 

 

Download the Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download free whitepaper regarding security

 

"3 steps to secure the company against data sheft"

 

It is said that a chain is only as strong as its weakest link. Therefore, your weakest link in the IT systems will have to be properly secured. Here are our suggestions for three things that can secure your IT infrastructure.

 

 

Download the Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.