Viruses and cybercriminals are real security threats.
Those threats are familiar and a focal point for many managed network providers.
I'm here to tell you that securing your digital information doesn't end with software and your networks. They aren’t the only threats to your business’ information security.
Is your information security program robust enough to protect yourself from the carelessness – or maliciousness – of your employees? Even the smartest among us have accidentally opened a spam email or lost (or come close to losing) a phone or laptop – and who hasn’t circumvented security by sharing documents via Dropbox, Google Docs, or similar tools?
But beyond these digital security threats, there are four easily-overlooked physical security lapses that can easily be prevented with a small amount of foresight.
Written-Down Passwords - “warningpoint2”
Everyone’s written down a password at some point in their lives – there are so many to keep track of. However, writing down a work password and then sticking it to your monitor or bulletin board with a sticky note is not (to put it lightly) a good idea. Take a walk around your office and see how many passwords are openly visible on workers’ desks. Gently ask them to at LEAST place them out of side inside of a folder or drawer and encourage them to use one of the many password apps available.
Don't think this doesn't happen? Remember the accidental nuclear launch alert in Hawaii back in January? Photos from the HEMA office showed Post-it notes with passwords stuck to monitors. You could even read one of them: warningpoint2 (at least it wasn't “password”).
Whiteboards are great for collaborative brainstorming. Sometimes, that could involve client names, billing information, and other sensitive information. Now, imagine the damage should you have a video conference with the whiteboard (complete with information that should be secure) as the backdrop. Encourage the routine erasure of whiteboards – especially of sensitive information.
Also, be sure whiteboards are hidden from view from windows and hallways: one never knows where prying eyes could be lurking.
Sensitive Documents in the Open
Client contracts are routinely left on desks and in printer or copier output trays. Complete with billing terms, they could be a treasure trove of information to competitors. Sensitive documents should be retrieved promptly when printed and shredded or locked up when no longer needed or not being used. And when you lock up those documents, don’t leave the key in the lock!
Don’t “hide” an access card under your keyboard. Employees should keep access cards with them at all times (lanyards are good for this, of course). Criminals disguised as delivery personnel can gain access to offices. They know where to look for keys and cards that can give them entry into your office after hours.
Information security isn't just about hardware and software. Don't forget physical security by overlooking these four potential ways your office could be breached.