As you read this question are you scratching your head? Read on to alleviate that itch.
The average internal security breech cost organizations $2.7 million with those from outside costing $57,000.
Have I gotten your attention?
There are two types of phishing, (and this isn’t salmon), they are:
- Whale Phishing – hackers going after high level people in an organization.
- Spear Phishing – hackers targeting specific organizations and the people who work there.
So, what can we do to protect ourselves and the organizations we work for? Here are a few tips:
- Don’t share passwords.
- Make passwords challenging for hackers but something you can recall.
- Don’t open emails from those you don’t recognize, or, haven’t heard from in awhile. This happened to me when I received an email from a former boss. Once I realized it was bogus I deleted the email, shut off the computer, and signed on using another search engine. This blocks the intrusion I was informed.
- Follow common sense and your gut instinct. If the email looks weird don’t open it or delete it.
- At work, follow company policies and procedures regarding computer security.
- Any internal email received on the job which appears odd or not quite right, report it immediately through the appropriate company channels.
- Keep a clean desk at work.
- Guard your badge. Store it in a secure place at home. If you loose your badge report it immediately. Badges can be easily photo shopped.
- Before you leave the copier check the copier glass and hopper to ensure all originals and copies are removed.
- Always know where your electronic devices are.
- When talking business on a cell phone speak softly and leave short messages.
- If a fellow employee is acting strange, report it. The most expensive breech comes from a trusted insider.
- If you see a fellow employee using a thumb drive and there is no need, let the appropriate folks in your organization know.
- Shred items that have company information on them.
- Never bypass security functions when using the computer.
- Shut down the computer when not using it.
While this blog may have put you to sleep, I hope it was a wake up. Be vigilant and alert to potential threats. Take the appropriate action when needed.