Generic Staff Orientation: Security

Information Security

securityConsider the confidential information you have access to, whether you actually access it or not. If your machine, or account, is accessed, all that information is wide open to any person of evil, or even prank, intent. Not a good thing! To an evil hacker, access to any point in the network opens up a much easier route to hacking the rest of the network. Don’t be the weakest link! Your account can be the key to an infiltration of the most secretive parts of the network. Let’s not be in the news like Target was in December 2013, or banks and other institutions over the last few years. In many of these cases, a weak password of a “non-financial” person was the key to the breech.

Good passwords meet these requirements:

  1. Easy for you to remember. So easy that it never needs to be written down, not even the first time
  2. Impossible for anyone else to guess
  3. Not subject to automated attacks
  4. Never written down or shared. Your password is your password. You are 100% responsible for it’s use (both good and bad)
  5. Not reused. Unique passwords for each site

See “passwords” in the Knowledgebase for more information, but here’s a really simple key: a  l-o-n-g  password is always better than something short, even if if the short password is very complex.

Walking away from your machine: Lock (Windows + L). A passworded screen-saver is also a good idea for when you forget (10-15 minutes is a long time for someone with evil intent. Some organizations choose times as short a 2-3 minutes)

At the end of the day, be sure to close programs and log out. (not just lock)

One thought on “Generic Staff Orientation: Security

  1. Pingback: Generic Staff Orientation: Information Sharing | Tony Dye

Comments are closed.