IT Blog

Baseline Employee Cybersecurity Assessment – Handling PII Banner
Cyber Security

Breaking Down the Baseline Employee Cybersecurity Assessment – Handling PII

Baseline Employee Cybersecurity Assessment – Handling PII Banner

Our recent launch of the Baseline Employee Cybersecurity Assessment provides MSPs with a new tool to add to their prospecting and baseline risk detection efforts.  As an MSP, it gives you the opportunity to show prospects and clients that human security plays a key role in protecting their organization and that without proper ongoing training, employees are an easy entry point for cybercriminals.

While a security risk assessment will identify gaps in a business environment, the human element should never be overlooked or assumed to be foolproof.  Ongoing training is critical, but this assessment provides a deeper dive into which part of that human factor needs to be strengthened. The Baseline Employee Cybersecurity Assessment is delivered via a URL and is made up of a series of questions across six different cybersecurity categories, showing organizations where employees are struggling the most and maybe the most likely to fall victim to a malicious attempt made by cybercriminals.

In previous weeks, we looked closer at some other sections of the assessment, including Phishing and the General Cybersecurity Knowledge components.

This week we’re focusing on the Handling Personally Identifiable Information (PII) component of the assessment. 

As the owner of our own PII, this section of the Baseline Employee Cybersecurity Assessment has something that everyone should be aware of and familiar with.

The amount of available Personally Identifiable Information is immeasurable.  It is found on our smartphones, in emails, in spreadsheets, on social media, and in the most basic of databases.  The very simplest of information, our first and last names, are part of our identifying information and can link cybercriminals to additional data that can compromise our security.  Usage of mobile phones, laptops, and even the humble USB drive, can take down an entire organization if not protected properly.  If proper safeguards are not put in place so that these devices are protected and respected with regard to the information that they contain, cybercriminals have the advantage.

Additionally, our PII could be at stake simply by having an online presence. The accounts we create in this digital era are vast; rewards programs, social media pages, shopping sites, digital music subscriptions, and the list goes on. Protecting our PII that was shared to create these accounts is vital, and emphasizes the need for a strong cybersecurity posture when creating and maintaining accounts that contain our PII.

What We Look At

The questions found in this section of the Baseline Employee Cybersecurity Assessment will address what constitutes PII, as well as how an employee might respond when faced with the discovery or loss of their personally identifiable information.

Identifying any employee that isn’t familiar with PII and how critical protecting this information is from both a business and personal perspective, will help organizations see a major security gap that could be putting their business at risk. As with other sections in the assessment, discovering any weaknesses within an organization will provide you with the opportunity to share how those weak points could lead to a security incident, and how you can provide a focused approach to help remediate those human security gaps for your prospect or client.  A strong cybersecurity posture will be built upon the foundations of discovery through all six sections of the assessment.

How To Use the Results

After each employee completes their assessment, the results are recorded along with the overall time taken to complete the assessment. You are then given a report to share with client management that provides the average score across all employees who completed the assessment, as well as their individual scores. The report breaks down each of the six categories to show management where their employees are struggling the most. This new tool changes the way MSPs can show their prospects and clients their human security risks at baseline, helping to highlight the critical need for an ongoing security awareness training program to reduce those risks.

We’re excited to add the Baseline Employee Cybersecurity Assessment to our platform as another way for MSPs to expand and grow their businesses. This tool is now available for Breach Secure Now partners! If you’re a current partner and have questions on how to access this tool, or if you’re interested in learning more about how you can get your hands on this game-changer, you can contact us today! And, did we mention, it is INCLUDED with a Breach Secure Now partner subscription? Get started today!

The post Breaking Down the Baseline Employee Cybersecurity Assessment – Handling PII appeared first on Breach Secure Now!.