three employees sit at their computers in a open concept office and types their work out

Even though your IT department is always looking for new ways to make your company’s systems and networks more secure from a cyber attack, there is a threat they can’t fix with a digital solution: employees. 

Cyber attackers target businesses, but in order to get to businesses, they must first target employees. When employees work from home, it leaves businesses at increased risk for cyber attacks — 67% of recent cyber attacks that impacted businesses targeted remote employees.   

Since your employees are your first line of defense against cybersecurity threats, here’s what you can do to make sure they know how to prevent and respond to attacks. 


Phishing, malware, ransomware, and data breaches are among the common cyber attacks your employees should be aware of. Educate your employees on what to look out for and train them to not open emails from unfamiliar addresses.

By helping your employees understand things like how phishing emails can appear to be from legitimate businesses — or even coworkers and supervisors — you could save your business from becoming the victim of a cyber attack. 


Instill in your employees that if they have doubts about the legitimacy of a message, they should contact the IT department or your company’s managed security service provider. If an employee does spot something like a phishing attempt and reports it, use that information to notify other employees to be on high alert. 

Make sure your employees know they need to report it to the IT department if they were tricked by a cyber attack so the it can hopefully be stopped or resolved.

If you believe that your company has been the target of a cyber attack, file a report with the Internet Crime Complaint Center. As a business owner, you’ll also need to follow up with your insurance company and your legal team on the next steps. 


Changing passwords can help prevent hackers from accessing your employee’s accounts, and therefore prevents them from accessing your company’s data. 

Simply sending reminders to employees to change their passwords may not be enough. To truly keep your company secure, make it mandatory for employees to change their passwords. 

However, be aware that some employees tend to make their passwords weaker when they have to change them often. Don’t let that happen. Even if this sounds obvious, consider that the most common password in 2020 was “123456.” Your employees need restrictions. 

Set guidelines for passwords, such as requiring passwords to have a combination of numbers, uppercase and lowercase letters, and symbols. You can also require that new passwords not be the same as old passwords. 


As remote work began to increase in March 2020, the National Institute of Standards and Technology warned that organizations: “should assume that external facilities, networks, and devices contain hostile threats that will attempt to gain access to the organization’s data and resources.” These threats still exist and are only getting more sophisticated. 

To keep your business safe, have remote employees use a VPN to connect to the company’s internal network. If employees are using personal Wi-Fi networks, ask them to ensure their network is secure and has a strong password. Discourage employees from using public Wi-Fi networks. 


At Cornerstone Technologies, we’re passionate about helping you prevent cyber attacks. We work on day-to-day security so you can focus on growing your business with peace of mind about your technology. Contact us today to find out how we can help keep your data and network safe!