How we ensure good cybersecurity habits among our employees
It is TheyDo’s highest priority to make sure that our employees know what good cybersecurity habits are. It is important that if a breach happens, the security team knows about it as soon as possible. This requires the TheyDo team to identify a potential breach quickly and report it immediately. At TheyDo we frequently check who has access to production data and adjust access to ensure that only relevant staff members have access.
Training our employees
During onboarding procedures, TheyDo makes sure that all employees will undergo security training. During these training sessions, the new employees will learn about a secure work environment to ensure that everyone can identify potential incidents when they might occur.
Furthermore, every year all employees will get a quick refreshment security training session to ensure that everyone is still on top of all vulnerabilities and are keeping their habits. After these training sessions, the developers will sit together to have a security orientated test session.
During such a test session, all technical employees will look for vulnerabilities in the application. This way, all technical staff will be able to be on the front lines and see where the problem areas are.
This will make them more vigilant in finding vulnerabilities in the future and writing more secure code.
“What are the big companies not getting? What do they think they’re getting, but they don’t? What do they misunderstand?”
“It has to do with the shift in focus towards customer experience being the holy grail and strategy.”
TheyDo employees have some great habits when it comes to security. Every employee will use a TheyDo recommended VPN when appropriate. While taking a break, all employees lock their computers so that no data will be exposed even when their computer gets stolen. Employees make regular backups; when something happens to their computer, they can smoothly go back to work by restoring their machine.
At TheyDo we require all employees to use MFA on their accounts. A password manager is used by all employees to store login credentials. This makes it possible to have much safer passwords and share them with other employees when needed.