With all of the recent cyber security breaches in the news, it's easy to get caught up in the "technical" side of information security. Sure, there is a lot of work to be done to keep your information safe from hackers and malicious software programs, however, there's another side to the coin, and that's physical security. Many offices don't enforce best practices for physical information security, and frankly may just not be aware of them. As their MSP, your job is to educate them on these best practices, both from a technology standpoint and from a physical standpoint.
So, time to put your knowledge to the test. Can you find the 13 security flaws in this picture?
So, think you spotted them all? Click below to check your answers.
- Computer screen left on with no password protection - passerby has access to information on the device
- Unshredded files in trash could contain sensitive information
- File cabinet open - easy for someone to steal sensitive information
- Cell phone left out in the open - may display sensitive information and/or can be easily stolen
- Notes left on whiteboard - could contain confidential product updates, information or ideas
- Backpack left out and open
- Usernames and passwords left out in the open
- Key to locked drawer left out in the open - easy access to confidential files
- Calendar out in the open - could contain sensitive dates and/or information
- Credit card left out on desk
- Documents left out on desk that could contatin sensitive information
- USB drive left out in the open
- Wallet left on desk
While some of these may seem like obvious fixes, and some of these may seem redundant, it's important for all of your employees to understand where company and/or personal data can be easily stolen. Maybe it's a repairman in your office who sees the opportunity to steal confidential personal data, maybe it's just an office visitor who glances over and sees confidential information out in the open. Either way, there needs to be someone to conduct cyber security training as well as physical security training to educate employees on security best practices—and for your clients, that responsibility typically falls on you as their MSP.