As you read this question are you scratching your head? Read on to alleviate that itch.

• 

The average internal security breech cost organizations $2.7 million with those from outside costing $57,000.

Have I gotten your attention?

There are two types of phishing, (and this isn’t salmon), they are:

• Whale Phishing – hackers going after high level people in an organization.
• Spear Phishing – hackers targeting specific organizations and the people who work there.

So, what can we do to protect ourselves and the organizations we work for? Here are a few tips:

• Don’t share passwords.
• Make passwords challenging for hackers but something you can recall.
• Don’t open emails from those you don’t recognize, or, haven’t heard from in awhile. This happened to me when I received an email from a former boss. Once I realized it was bogus I deleted the email, shut off the computer, and signed on using another search engine. This blocks the intrusion I was informed.
• Follow common sense and your gut instinct. If the email looks weird don’t open it or delete it.
• At work, follow company policies and procedures regarding computer security.
• Any internal email received on the job which appears odd or not quite right, report it immediately through the appropriate company channels.
• Keep a clean desk at work.
• Guard your badge. Store it in a secure place at home. If you loose your badge report it immediately. Badges can be easily photo shopped.
• Before you leave the copier check the copier glass and hopper to ensure all originals and copies are removed.
• Always know where your electronic devices are.
• When talking business on a cell phone speak softly and leave short messages.
• If a fellow employee is acting strange, report it. The most expensive breech comes from a trusted insider.
• If you see a fellow employee using a thumb drive and there is no need, let the appropriate folks in your organization know.
• Shred items that have company information on them.
• Never bypass security functions when using the computer.
• Shut down the computer when not using it.

While this blog may have put you to sleep, I hope it was a wake up. Be vigilant and alert to potential threats. Take the appropriate action when needed.