[BreachExchange] 10 Habits Threatening Your Company's Data
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Mar 8 21:17:56 EST 2016
http://www.tmcnet.com/voip/departments/articles/418563-10-habits-threatening-companys-data.htm
They’re just old habits. You likely do them without even thinking. But
these 10 habits could be making your company vulnerable to hacks and other
cyberattacks. Here’s a list of these 10 risky behaviors and why they are
problematic.
Sharing Passwords
It may not seem like a big deal to share your password with a coworker that
you’re close to, but even if that person is completely trustworthy, someone
else may overhear you. You should always keep your passwords completely
confidential to ensure that they don’t fall into the wrong hands.
Using Identical Passwords
More people are guilty of this than would care to admit it, but the fact
remains that it’s simply easier to remember one password for all of your
accounts. But using an identical password makes it easier to hack every
account you have. If you need to, get a password app to keep all your
passwords safe, and use a different one for every one of your accounts.
Using Unsecure Internet Connections
Getting work done at the airport or while you’re sitting at your local
Starbucks may seem like a good idea at first, but if you have confidential
information on your device, it is a serious data security risk. Public
Internet connections make your information accessible to anyone who has the
know-how to access it. Only use secure Internet connections to get work
done, and save public connections for personal browsing purposes.
Not Purging Files
Some documents that contain sensitive information eventually become
obsolete or outdated. When this occurs, it’s important that you purge the
files from your system. The longer these documents are on your computer,
the more likely it becomes that they’ll be compromised. If you need regular
reminders to purge old documents, you can set file retention policies
through eFileCabinet.
Using Unencrypted USB Drives
It’s quick and easy to grab a USB drive and save some files to it before
you leave the office. But it’s important that you ensure the drive you’re
using is encrypted. If you were to lose an unencrypted drive, anyone who
found it could access the information you stored.
Not Reporting Lost Equipment
We’re only human, and sometimes we lose things. But when you lose a
work-related device – whether it’s a laptop or a USB drive – you may be
tempted to keep it quiet to avoid any repercussions. (Or you may just think
it’s not that big of a deal.) It’s important that you report any lost
devices so that the company can take measures to protect the data that was
contained on those devices.
Leaving Computers Unattended
When you’re working outside the workplace, you may not even think about
stepping away from your laptop for a few moments to grab a coffee or toss
something in the garbage. But when it comes to confidential data, you
shouldn’t leave your computer unattended for even a moment. It only takes a
few seconds for someone to grab your laptop and run, or to copy some
information off of your screen. Always keep your laptop within easy reach
when in a public area.
Not Using Privacy Screens
Whether you’re at work or working remotely, it’s important that you use
privacy screens when working on confidential documents. Any time you step
away from your computer, lock it with a privacy screen so that passersby
can’t see the information you are working on. Failing to do so is an easy
way to compromise clients’ personal data.
Using Personal Mobile Devices
It’s common practice these days to connect your mobile device to the
wireless network at work. But if that connection can access private
information, it should only be accessed with secure devices. Your
smartphone does not have the security necessary to protect your company’s
data and maintain compliance.
Carrying Unnecessary Information When Traveling
When you’re traveling for business, it’s essential that you have access to
the files and information that you need. However, you should never have
more files than are absolutely necessary for your trip. If your laptop
becomes lost or is compromised in some other way, every file on the
computer is now at risk; the fewer files stored on the computer, the
better. Your best option is to use secure, encrypted, cloud-based document
management software. This will give you full access to all the documents
you need without having to store them directly on your computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160308/952844b9/attachment.html>
More information about the BreachExchange
mailing list