Hacking is in the news again with both individuals and large organizations being hacked.
In response to the increasing frequency of these attacks, the field of cybersecurity is rapidly improving our defense capabilities by developing state-of-the-art technology, such as antivirus and anti-spyware software, and much more.
However, while the development of innovative technology is the current focus of cybersecurity experts, there are things you can do to help protect both your personal information and any sensitive information you may handle at the office. These “physical security” practices can also protect your property, such as, phones and other mobile devices, computers, and paper documents.
Lock your devices and computers.
When you are away from your computer, lock it. Leaving it unlocked risks unauthorized individuals accessing your personal and company data. Lock your smaller, mobile devices in a drawer or cabinet. Unlocked devices puts your photos, passwords, financial and health information, and more at risk. Get into the habit of locking your computer and mobile devices. Even if it is a short trip to the bathroom or the break room for a cup of coffee, lock them. If you don’t always remember, take advantage of the settings that lock your computer and devices automatically after a period of inactivity.
Protect your phones, tablets, computers, and other mobile devices.
I recommend that you implement strong passwords on all your mobile devices. Also, be conscious of where your mobile devices are at all times. Do not keep your laptop in your car for extended periods or leave your gym locker unlocked with your mobile devices in it.
Always back up your files by saving them to a portable storage device or in a secure digital environment at work. That way, you will always have copies of the information on your device. Tracking software is also available that can help you trace your stolen device.
Secure your paperwork, or go paperless.
By turning to technology to replace your file cabinet, you reduce the risk of someone finding sensitive statements containing banking information, social security numbers, phone numbers, and more. Keep paper copies of essential information in a secure place, such as a safe or safety deposit box. Shred any paperwork you do not need. Avoid discarding it in the trash.
Have a “clean desk” policy.
Make clearing your desk – both at home and at work – part of your daily routine to ensure that you lock away all sensitive information when you leave your office. Here are a few simple steps you can follow:
- Lock away all sensitive papers (spreadsheets, invoices, etc.).
- Lock computer(s) and other electronic devices.
- Make sure you secure keys used to access restricted areas.
- Lock mobile devices in cabinet or desk drawer.
- Don’t keep passwords on sticky notes on, under or near your computer or mobile device.
- Erase whiteboards containing sensitive information.
“If you see something, say something.”
The “gut feeling” is one of the most useful tools when it comes to security. In general, if you find something feels odd or possibly harmful to you or your organization, report it! Security professionals appreciate when they receive reports like this; it can prevent a security breach and can even save a life.
Because they require repetition and constant awareness, these suggestions for physically securing your work and home environments may seem tedious. Try them…they can make a difference.
William Koester is an intern on the UVM Medical Center Information Security team. He is a student at Mercyhurst University in Pennsylvania, majoring in Intelligence Studies and Public Health. When he’s not thinking about information security and school, he enjoys mountain biking and hiking.