IT Security Isn’t Only About Your Computer
Non-Technical Security: In the Office
What is non-technical security? It simply means using strong judgment in everyday situations and asking questions when more information is needed. Let’s explore a few non-technical security practices you can use while working in the office.
1. Secure Disposal
Hard copies of sensitive information are still sometimes necessary, even in a world where everything has gone digital. Be sure to properly dispose of those copies when no longer needed. Don’t just toss them in the trash or recycle bin. Destroy them beyond recognition, such as with a paper shredder, so they can’t be retrieved by unauthorized people.
2. Malicious USB
Imagine finding a USB flash drive in a lobby or parking lot. How tempting would it be to insert that drive into your computer and see what’s on it? Attackers know this temptation is universal and intentionally create malicious, portable storage devices to drop in places where they will be found. Plugging in an infected drive could compromise our entire organization and is no different than clicking a malicious link in a phishing email.
3. Badges
Identification badges and keycards are similar to passwords in that they provide access to something. They are the physical credentials that allow you to enter controlled areas. Treat them like passwords by never sharing them for any reason. When you access a secured area, make sure the door closes behind you and no one else slips in.
4. Unauthorized Individuals
Occasionally, service technicians will need physical access to certain areas. However, if you notice an unknown person, don’t assume they have the right to be there. Verify their identity, and check with management for further clarification. This will help prevent imposters from gaining unauthorized access to our organization.
Just as you should always have your guard up online, you should do the same in the office. We hope you find these tips helpful in keeping your information safe while at the office. When in doubt, always ask IT.