Articles and News

November 30, 2015

Ways to help get your employees on board with information security

Information security and asset protection are essential components to any business, organization, and company. However, many employers find it difficult to keep employees on track with understanding and implementing information security practices.

To many employees it seems easier to do the bare minimum, but many don’t understand the risk and liability. When an information security breach happens it is not just the employer that is liable, but also the employee. As part of a team that assures security and stability to its consumers, both the employer and employee must uphold the highest regard for security practices.

According to an article on,, the best security technology in the world can't help you unless employees understand their roles and responsibilities in safeguarding sensitive data and protecting company resources. This will involve putting practices and policies in place that promote security and training employees to be able to identify and avoid risks.

Here are a few fun ways to help get your employees on board with IT security:

  • #1: Admit Everyone Makes Mistakes.


    Nobody’s perfect. People forget to change passwords. Holes in firewalls are exploited. Forgotten passwords bring productivity to a halt. Sharing these stories reminds everybody that nobody’s perfect—especially when shared over a lunch hour catered by the company. In cases where employees might be too shy to share embarrassing examples, post an anonymous comment box where everyone can put an index card with their IT confessions inside. Share the most amusing anecdotes anonymously and offer an incentive if a certain percentage of employees participate. The prize could be a one-time event like a lunch out or it could be an ongoing amnesty that opens up lunch-hour social media use, for example.



  • #2: Shall we Play a Game?


    Include a short, fun game as an email with a tag at the end to remind employees about IT security. Send a game of hangman when it’s time to change passwords. Put up a link to a browser version of Pac-Man when talking about new firewalls. For an immersive experience, send out coded emails using classic ciphers that employees can “hack” for more information. Small prizes can encourage participation.



  • #3: IT Security from a Fortune Cookie.


    Oftentimes people are afraid of IT security because they don’t understand it. They think it’s a heady subject and nobody wants to go to a big long meeting for something they don’t understand. Breaking up this education into small, bite-size chunks makes it easier to handle. Incentivizing employees to learn on their own also brings the ideas home. You don’t have to require everyone get a hefty certification. All it takes is bringing back some information from the Internet or asking a couple of questions at the office supply store to impart wisdom. Instead of long lectures, try short bits of trivia. Effective employee training can be fun!



  • #4: Update Casual Friday.


    Most offices have a day where employees don’t have to adhere to a strict dress code. This might be Fridays during the summer, pay-to-wear-jeans days, or perhaps when local sports teams hit the playoffs. Raising IT security awareness can be paired with these fun, casual days. For example, employees could raise money for charity in exchange for using their smartphones or own devices at home. Run a social media hashtag contest to see who can find the most IT security facts on Twitter. It’s a great opportunity to turn the proliferation of social media into a marketing advantage that also makes your employees happy.


    IT security protects your business—and while network security must be taken seriously, it doesn’t always have to be so serious. Getting employees on board can be as easy as not treating the process like a mandatory meeting but as an interactive experience, bonding everyone together and making ties between employees stronger. Enthusiasm makes any element of the workplace stronger. By bringing IT security out of the server room, modern companies can show they embrace technology and look forward to the future.


    Along with getting your team on board, learning some of the ways to protect your data is another step in enhancing any company’s network security. Web filtering limits the types of websites employees can visit during the workday. A firewall protects a businesses’ computer network from external threats. Proactive monitoring allows you to track and respond to IT security threats before they become a problem.


Rock Solid Shredding provides customized paper and hard drive shredding services that assist businesses with complying with legislation while protecting information.

Contact them at 501.940.9900 or fill out the Contact Form.

Follow Rock Solid on Twitter. Like them on Facebook.