Your end-users are often the weakest link in your organization's security strategy. Here are five solutions to help users strengthen their security posture.rn Credit: Thinkstock Break your bad security habitsProcrastination. Fidgeting. Biting your nails. These are all bad habits, but none so bad that they could bring a company to its knees. When it comes to security, however, some bad habits could be devastating, leaving your company vulnerable to hacks, data loss or theft or some similar type of security breach. The good news is that there are some simple steps IT can take to educate users on security best practices and make them part of the solution instead of the problem.Jonathan Crowe, senior content manager at endpoint security solutions company Barkly offers five simple ways to improve your security posture and help employees become a bit more security-savvy.1. Using the same password for every accountImage by ThinkstockEach year, password management company SplashData highlights the insecure password habits of Internet users and publishes a list of the worst of the worst password offenders. Suffice it to say, using “123456” or “password” as your password is still quite common, and that’s a standing invitation for attackers. That said, it’s unrealistic to think your users can create and remember strong, unique passwords for every single account.Solution: Use a password manager. Not only will it generate random, secure passwords, it will encrypt and remember them so users don’t have to, Crowe says.2. Clicking on links and attachments without scrutinizing them firstImage by ThinkstockToday’s attackers have gotten frighteningly good at crafting messages that look legitimate to users, and use social engineering tricks to unleash a virus or gain access to proprietary systems. They can even appear to come from sources your users know and trust.Solution: Educate your users on how to double-check URLs by hovering over links/hyperlinks to see where clicking would send them, says Crowe. If the site doesn’t match the link or looks suspicious in any way, don’t click. Likewise, users should avoid opening any attachments they weren’t expecting. [ Related story: 8 tips for recruiting cybersecurity talent ]3. Putting off patches and updatesImage by ThinkstockOnce a software vulnerability is discovered and a patch is released, it’s a race to evaluate and deploy it before the vulnerability can be exploited. Stats indicate attackers don’t waste time — nearly half of the common vulnerabilities and exposures exploited in 2014 were taken advantage of within two weeks of being announced, Crowe says. Patch early and often.Solution: Consider adopting a patch management solution that helps you automate tasks and updates. That can help you avoid falling into the “remind me later” routine and keep you secure and up to speed, instead, he says.4. Using public Wi-FiImage by PixabayEveryone’s been tempted by the siren song of free Wi-Fi. Whether your remote users are at a Starbucks or at an airport, there are times when they just need to connect. That’s when it’s important to remember that “free” and “public” don’t always go hand-in-hand with “secure,” Crowe says, and signing on even for a brief window of connectivity can carry a disproportionate amount of risk.Solution: Consider mandating use of a VPN, instead. Traffic will be encrypted and users’ browsing sessions will be much more secure. Even if your company doesn’t provide one, educate users about the benefits and suggest some free — or free trial — options to consider, Crowe says. [ Related story: How to crowdsource your way to better security ]5. Thinking of security as IT’s problemImage by ThinkstockThere are technical teams and security solutions in place to help safeguard interactions online, certainly, but the truth is, each user is responsible for how their choices impact personal security and the security of the company. And the majority of data breaches and cyberattacks begin with one end-user clicking on something they shouldn’t, leaving a laptop in a taxi, or connecting a corporate laptop to a public Wi-Fi network.Solution: Education, training and reinforcement. Make sure your users know security best practices and are using them daily, says Crowe. By learning more about security risks and how to reduce them, your end-users can become a formidable defense instead of the weak link. Related content brandpost Sponsored by SAP What goes well with Viña Concha y Toro wines? Meat, fish, poultry, and SAP Viña Concha y Toro, a wine producer that distributes to more than 140 countries worldwide, paired its operation with the SAP Business Technology Platform to enhance its operation and product. By Tom Caldecott, SAP Contributor Dec 04, 2023 4 mins Digital Transformation brandpost Sponsored by Azul How to maximize ROI by choosing the right Java partner for your organization Choosing the right Java provider is a critical decision that can have a significant impact on your organization’s success. By asking the right questions and considering the total cost of ownership, you can ensure that you choose the best Java p By Scott Sellers Dec 04, 2023 5 mins Application Management brandpost Sponsored by DataStax Ask yourself: How can genAI put your content to work? Generative AI applications can readily be built against the documents, emails, meeting transcripts, and other content that knowledge workers produce as a matter of course. By Bryan Kirschner Dec 04, 2023 5 mins Machine Learning Artificial Intelligence feature The CIO’s new role: Orchestrator-in-chief CIOs have unique insight into everything that happens in a company. Some are using that insight to take on a more strategic role. By Minda Zetlin Dec 04, 2023 12 mins CIO C-Suite Business IT Alignment Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe