Many businesses today don't enforce digital, let alone, physical information security. As their Managed Service Provider (MSP), our job is to educate clients on the industry's best practices.It’s time to put your knowledge to the test, can you find the six security flaws hidden in this picture?
What Does a Messy Desk and IT Security Flaws Have in Common?
This question might sound like the set-up of a bad joke, but these are real scenarios our engineering staff encounter every day, including repairing the damage done when cybercriminals are entering your network. Employees with cluttered desks tend to leave USB drives and cell phones out in the open, forgetting to physically secure these, along with vacant desktops, or laptops.
1. No Password Protection
From the start, we can see that this computer and monitor were left without any password protection, or logging out. Anyone passing by can easily gain access to the information your system possesses, making it critical to lock down security flaws in computers, including minimizing email clients.
2. Usernames and Passwords Left Out in the Open
Usernames and passwords should NEVER be written down on post-it notes and visible to all, this includes viewable from outside your windows! If a non-employee were to see this information, they could easily use it to log into the corporate network or gain access to the company’s confidential information. In today's digital age, security flaws like this can make or break a company's reputation.
3. Un-Stowed Documents
Notes and documents should be filed away from the view of prying eyes. These documents might not contain YOUR private information, but rather company secrets, updates or ideas. File or organize your documents, regardless of digital or physical copies to keep them away from prying eyes.
4. Keys to the Castle
Often, those tiny keys that you find at the bottom of your desk, aren't to the supply closet! Keep your cabinet, desk, drawer, or bookshelf, locked with the key on your keyring. Without it being somewhere secure, it becomes extremely easy for anyone to steal, or view confidential files.
5. Where's My Wallet?
For most employees, mistake #5 is the most common. Likely to impact the employee, is leaving wallets, or worse, credit cards out on the desk, many executives do this, all the time. More commonly with wallets, corporate credit cards and security badges give intruders access to the office or company finances.
6. USB Sticks, Cell Phones, Tablets
Last but certainly not least, is setting important personal devices out in the open. Dangerous, because these items can be easily picked up without being caught in the act. Typically, these mobile devices such as cell phones, tablets, USB drives, all contain some level of sensitive business or personal information. Mobile security has grown at an alarming rate, with many business owners, neglecting a to adopt Bring Your Own Device (BYOD) environments. In some cases where businesses don't offer BYOD, employees often log onto business networks on their own. Swiping a mobile device from the desk could allow access to sensitive information from such companies as Microsoft, Google, AT&T, Verizon, etc.
While some of these may seem like obvious and redundant fixes, it's critical for employees to understand where company/personal data can be stolen. Maybe it's just an office-visitor, who glances over and sees confidential information out in the open. Regardless, someone to conduct cybersecurity training as well as physical security training to educate employees on the security best practices for your industry.