10 Everyday Work Habits that Put You at Risk
According to a Bloomberg Business story, a cyber criminal can crack a six-character password that has all lowercase letters in just 10 minutes.
Using simple passwords like that is one of many common work habits that put you and your organization at risk for a data breach. Today, office security tips underline the importance of changing bad habits.
In a recent report by Ponemon and Experian called Managing Insider Risk through Training & Culture, 66% of professionals said their employees are the weakest link in their organizations' security efforts.
Here are 10 everyday, bad work habits that increase the risk of a data breach – and ways to change them.
- Using easy-to-guess passwords. According to the 2017 Verizon Data Breach Investigations Report (DBIR), 80% of hacking-related breaches leveraged either stolen passwords and/or weak or guessable passwords. The best passwords should be at least 9 characters and contain a combination of numbers, symbols and upper and lower case letters.
- Forgetting print-outs at the office printer. Whether you print a document but wait until later to pick it up or forget materials in the printer tray, confidential information is being exposed. Shred-it’s Information Security Office Reminders includes always remembering to take printed materials from the printer.
- Leaving work out on your desk for tomorrow. This habit provides an opportunity for visual hacking and physical theft. Every workplace should enforce a Clean Desk Policy with desks cleared and confidential data locked away at the end of every day.
- Opening email attachments from someone you don’t know. The DBIR found that about 1 in 14 users are tricked by phishing emails, and 25% of them go on to be further duped. Learn how to spot phishing emails, and to resist clicking on questionable links or attachments.
- Tossing out old mobile devices. Even if you delete confidential data, information thieves can recover it from hard drives using special software. Partner with a recognized document destruction provider for secure hard drive destruction.
- Downloading unapproved apps. Many employees download apps for personal use onto their work devices. But many apps do not have proper security. Consult with the IT department first, or download to personal devices only.
- Delaying patches and updates. Security patches and updates protect computers from current known threats. Don't put it off - patch right away.
- Not backing up files. Anyone targeted by a ransomware attack may lose their important files. Back up files regularly, and store data in a safe place.
- Using public Wi-Fi to access confidential data. In a Harris Interactive survey, 31% of employees admitted to connecting to their company’s network from unsecured free or public Wi-Fi. But ‘public’ means you are more vulnerable to an attack. Don’t do it.
- Throwing paper documents into the recycling bin. Insider fraudsters and dumpster divers may steal this information. A document destruction company provides a secure destruction process including locked consoles. A Shred-it All Policy will stipulate that all documents are destroyed when no longer needed.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.