News release: 21 October 2014
Source: Alan Calder – IT Governance
Here are 8 data security awareness tips for you to use in your business. Use them to inspire positive change in behaviour and raise awareness within your organisation:
1 – Employees are your No.1 Cyber Security Threat
Helping your staff to understand the part they play in keeping your information secure is an essential first step. Lack of understanding and awareness amongst employees may mean that the organisation is exposed to phishing, pharming and social engineering attacks.
2- Information Security is as simple as A B C
80% of cyber attacks could have been prevented through basic security hygiene. Make sure staff are aware of simple measures that could be the difference between a cyber attack or an ‘attempted‘ cyber attack.
3 – Passwords are like pants …
Don’t let others see them / Change them regularly / And don’t loan them out to strangers….
Remind staff of your password policy. A zero tolerance approach to sharing passwords and writing them down on post-it notes will help eliminate unauthorised access to sensitive information.
4 – Password Hangman
Forcing the use of strong passwords and regular changes will further reinforce your security.
5 – Tailgating: How close is too close?
Unauthorised access within your secure perimeter could result in sensitive information ending up in the wrong hands. Make sure staff are aware of your secure perimeter and encourage them to challenge or report people who are not supposed to be there.
6 – A clear desk, a clear mind …
Introducing a ‘clear desk policy’ to ensure confidential information is locked away or disposed of securely will reduce the risk of theft. Do your cleaning contractors check the security clearance of their staff? Probably not.
7 – Secure mobile devices
No matter what controls you put in place, it’s inevitable that someone will lose (through theft or clumsiness) a laptop or other mobile device. Use encryption technology, to secure mobile devices. Find out more here >>
8 – Don’t say anything online …
Social Media, when used appropriately, offers organisations sales and marketing opportunities that are very effective. Remind staff of your social media policy and ensure it covers what can and cannot be said about your organisation online. You also need to ensure nothing sensitive or confidential is shared online.
JMS Secure Data response to article;
As the saying goes… prevention is better than cure so deployment of the above tips in any data controlling business will raise data security awareness amongst its employees. Tip 7 in our view is the most important as a breach in this area can lead to the reputation of a business being tarnished for failing to have systems and software in place for mobile devises.
