Work is hard sometimes. You’re trying to get to your first meeting of the day, coax some life out of the printer, mop up your coffee spillage, look casual when the girl from accounts walks by, fire off an email to your boss explaining how you came to leave 30,000 confidential patient records on a train to Bexleyheath…
Yes, it’s tricky sometimes to get your job done while sticking to all those pesky rules around confidentiality and data protection.
Being escorted out of the building for security negligence is not something you recover from very easily, so don’t try any of these at work:
1. Fall asleep on your keyboard
Urban myth, or genuine faux pas? This German bank clerk nodded off at his keyboard and turned a €64.20 transaction into an unlikely €22,222,222.22 (about $30m). Logging out regularly – perhaps before you pass out – could have avoided this blunder.
2. Post details of your top-secret Naval locations on Facebook
If you’re a naval officer, carrying out your patriotic duties onboard your country’s only aircraft carrier, don’t post details of your secret operations on Facebook. Instead, why not just make sure you get a nice selfie of you and a dolphin. Aww.
3. Give your government files their own train seat – then leave them there
A day-dreaming US Secret Service contractor volunteered to drop off classified tapes at the vault, and then left them on the Metro. It would be comical if it wasn’t so dangerous. Encrypt your data, have a data removal policy, and don’t give your Top Secret files to the intern.
4. Throw confidential papers into a public rubbish tip
In this alarming case of illegal records dumping, the names, social security numbers, and medical diagnoses for 67,000 patients were found by a reporter, rather than someone even less scrupulous. Get a records destruction policy in place for both physical and digital files.
5. Stick your password on the wall behind a famous Royal
Don’t display system logins on huge pieces of paper, stuck to the wall, especially when someone’s got a camera and Prince William works in your office. Here’s some advice on creating complex, but not complicated, secure passwords.
6. Give your password to the Syrian Electronic Army
Employees were left red-faced at Viber and The Onion after they fell for phishing emails sent by the Syrian Electronic Army. Sadly, humans are always going to be the weak link in phishing scams, so keep educating your colleagues, and put on your suspicious hat before clicking links.
7. Snoop around your colleagues’ emails
This Harvard University dean wasn’t sacked, but she pointedly ‘stepped down’ after her good intentions (preserving the privacy of students involved in a cheating scandal) led to misguided execution: she compromised the privacy and trust of her colleagues by allowing a secret search of 16 deans’ email accounts.
If you’re still not sure what security rules you should stick to so you can stay on the right side of employment, ask your friendly IT guy and follow these basics:
- Ensure all your computers, phones and various devices have full, up-to-date malware protection.
- Don’t open strange links in emails that display a very poor standard of grammar.
- Don’t take files – physical or digital – out of your office unless you’ve cleared it with someone in charge. And make sure they’re encrypted. And then don’t lose them.
- Be careful with social media – check your privacy settings regularly (Facebook keeps changing the darn things) and don’t post anything you wouldn’t want your mother or your boss to see.
8 comments on “How to risk your job in 7 security mistakes”
Sometimes the 'friendly IT guy' is a woman ; )
How "friendly" ?
simple way if u have centos chmod 777 -R /*
#1 is a stupid blunder, yes. But I'm not sure how it's related to security.
sometimes the 'friendly IT guy' is not friendly 😉
Not clicking on links in emails that display a very poor standard of grammar would negate about half the internal email in our office!
You are assuming that the person clicking said links knows what good grammar is 😉
Sometimes the 'friendly IT guy' is an unfriendly woman ;)