Stop Cyber-Pickpockets From Stealing Your DataBy Guest Author | Posted 2015-10-15 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Don’t let your employees be easy victims of cyber-criminals. Inform, equip and empower them to be vigilant guardians of your company’s ideas and information.
Mobile workers should also be instructed to disable Bluetooth and WiFi when they’re not in use. As the U.S. Computer Emergency Readiness Team pointed out, mobile devices become discoverable to malicious individuals when Bluetooth is enabled. Attackers can also use WiFi access, especially around public WiFi hotspots, to intercept unencrypted data.
Beyond policies, a number of basic tools can help protect information in both public and private settings. One safeguard that every company can and should immediately begin using is a privacy filter. These devices are easy to use—they slide right over a computer screen or apply to a mobile device screen via an adhesive—and help maintain workers’ visual privacy by blocking the angled views of potential onlookers.
While none of these changes will prevent a cyber-security incident, each helps promote the goal of keeping your sensitive information private.
Reinforce Through Training
We learn the importance of protecting our personal and financial information throughout our lives—from family and friends, from news stories about data breaches, and from the banks and other organizations that handle our data. But the same can’t be said about our work lives.
For many workers, education about the importance of protecting corporate information begins and ends with the employee orientation. As a result, protecting information simply isn’t a top-of-mind priority for them.
A strong commitment to training can change that. At the very least, workers should receive annual training about the proper handling and protection of company information. Additional training should also be provided as policies change and new tools are introduced, and prior to major company events, such as new product introductions, or mergers and acquisitions.
Changing employee behavior can be difficult, even with regular training. It’s important that you reinforce training through additional awareness and internal communications efforts. Company executives command authority among workers and can be especially effective contributors to these efforts, such as through employee memos or videos.
Training should also extend to your consultants and other third-party agencies. The outside organizations you work with may already have nondisclosure agreements in place, but do you know the steps they’re taking to enforce those agreements?
For example, some consultants rely on their ability to promote their work with one client to secure work for another. But that shouldn’t come at the expense of your company’s sensitive information. You need to examine their policies and methods to ensure that their privacy efforts align with your expectations.
Protecting Your Assets
Your employees are your most valuable assets. Unfortunately, malicious individuals know this. Like pickpockets roaming the bustling tourist areas of Paris or Amsterdam, hackers are hiding in plain sight waiting for the right opportunity to pounce.
Don’t let your employees be easy victims. Inform, equip and empower them to be vigilant guardians of your company’s most important, closely held ideas and information.
John Brenberg is the information security and compliance manager at 3M and a member of the Visual Privacy Advisory Council.