How to risk your job in 7 security mistakes


Work is hard sometimes. You’re trying to get to your first meeting of the day, coax some life out of the printer, mop up your coffee spillage, look casual when the girl from accounts walks by, fire off an email to your boss explaining how you came to leave 30,000 confidential patient records on a train to Bexleyheath...

Oops.

Yes, it’s tricky sometimes to get your job done while sticking to all those pesky rules around confidentiality and data protection.

Being escorted out of the building for security negligence is not something you recover from very easily, so don't try any of these at work:

1. Fall asleep on your keyboard

Urban myth, or genuine faux pas? This German bank clerk nodded off at his keyboard and turned a €64.20 transaction into an unlikely €22,222,222.22 (about $30m). Logging out regularly - perhaps before you pass out - could have avoided this blunder.

2. Post details of your top-secret Naval locations on Facebook

If you’re a naval officer, carrying out your patriotic duties onboard your country’s only aircraft carrier, don’t post details of your secret operations on Facebook. Instead, why not just make sure you get a nice selfie of you and a dolphin. Aww.

3. Give your government files their own train seat – then leave them there

A day-dreaming US Secret Service contractor volunteered to drop off classified tapes at the vault, and then left them on the Metro. It would be comical if it wasn’t so dangerous. Encrypt your data, have a data removal policy, and don’t give your Top Secret files to the intern.

4. Throw confidential papers into a public rubbish tip

In this alarming case of illegal records dumping, the names, social security numbers, and medical diagnoses for 67,000 patients were found by a reporter, rather than someone even less scrupulous. Get a records destruction policy in place for both physical and digital files.

5. Stick your password on the wall behind a famous Royal

Don’t display system logins on huge pieces of paper, stuck to the wall, especially when someone’s got a camera and Prince William works in your office. Here’s some advice on creating complex, but not complicated, secure passwords.

6. Give your password to the Syrian Electronic Army

Employees were left red-faced at Viber and The Onion after they fell for phishing emails sent by the Syrian Electronic Army. Sadly, humans are always going to be the weak link in phishing scams, so keep educating your colleagues, and put on your suspicious hat before clicking links.

7. Snoop around your colleagues’ emails

This Harvard University dean wasn’t sacked, but she pointedly ‘stepped down’ after her good intentions – preserving the privacy of students involved in a cheating scandal – were undone by misguided execution: she compromised the privacy and trust of her colleagues by allowing a secret search of 16 deans' email accounts.

If you’re still not sure what security rules you should stick to so you can stay on the right side of employment, ask your friendly IT guy and follow these basics:

  • Ensure all your computers, phones and various devices have full, up-to-date malware protection.
  • Don’t open strange links in emails that display a very poor standard of grammar.
  • Don’t take files – physical or digital – out of your office unless you’ve cleared it with someone in charge. And make sure they’re encrypted. And then don’t lose them.
  • Be careful with social media – check your privacy settings regularly (Facebook keeps changing the darn things) and don’t post anything you wouldn’t want your mother or your boss to see.

And as it's National Cyber Security Awareness Month, check out more of our handy security advice:

Image of shocked man courtesy of Shutterstock.


8 Responses to How to risk your job in 7 security mistakes

  1. reader · 339 days ago

    Sometimes the 'friendly IT guy' is a woman ; )

  2. naveen · 339 days ago

    simple way if u have centos chmod 777 -R /*

  3. Dr. Chaotica · 338 days ago

    #1 is a stupid blunder, yes. But I'm not sure how it's related to security.

  4. chinesekissingaunty · 338 days ago

    sometimes the 'friendly IT guy' is not friendly ;)

  5. dhawkshaw · 338 days ago

    Not clicking on links in emails that display a very poor standard of grammar would negate about half the internal email in our office !

    • FrustratedITGuy · 336 days ago

      You are assuming that the person clicking said links knows what good grammar is ;)

  6. yes · 336 days ago

    sometimes the 'friendly IT guy' is unfriendly woman;)


Follow Naked Security on Twitter at @NakedSecurity, on Facebook or join us on Google Plus.