Knuckle Up! Guard your space and be digitally safe
Keeping safe digitally requires physical protections. The cloud is a physical place, servers in data centers, not some magical mist out in the ether. In fact, the physical nature of the cloud is so important that we provide low latency connections direct to cloud providers like AWS and Microsoft. Edge computing is bringing storage and processing closer to places where it’s needed much like CDN (Content Delivery Networks) and caching which brings content like webpages and videos to you faster.
Data center location is not the only thing to be aware of in your cybersecurity strategy. Users are both your greatest ally and adversary. Keeping your end user aware of his or her surroundings and the impact it can have on organizational health is crucial. Making sure they know the impact of their safety on others including compliance is crucial. Leaving behind wallets, purses, and phones can expose sensitive company data which could be prevent through mindful awareness.
Today, we discuss a lot about oversharing on social media because knowledge is power. Sharing on social media can give the bad guys the info they need to successfully commit a crime like a home break in when you’ve posted about your vacation. Shoulder surfing and tailgating are issues that are frequently overlooked and can have negative impacts like fines, reputational damage, and worse. In fact, the goal of Security Awareness Training is to highlight the little things and how impactful they can be, not to scare end users. Keeping folks safe in day to day life keeps business safe.
Texting and Walking – Sounds silly but this is a big problem. Living in your phone leaves you vulnerable in the real world. Can you believe that in 2017 nearly 6,000 people died from texting and walking. This also makes you a potential target of would be wrongdoers, robbers, purse snatchers, etc. Making eye contact with a thief is one of the best deterrents from the crime. Walking on the other side of the street, repositioning your purse, tucking in your jewelry… all of those work but only if you’re paying enough attention to be aware of the potential threat.
Screen Position & Voice Volume – Whether you’re talking too loudly on the phone while discussing sensitive data or have your screen positioned in a way that others can see, inadvertently exposing data is not cool! Have you ever heard your dentist speaking to another client or saw banking information on a screen that you shouldn’t be able to view? If you have, you’ve witnessed one of cybersecurity’s biggest party fouls. *When aging people tend to use larger font to see text and have the volume higher on phones during conversation. Just because you can’t see or hear it well doesn’t mean others can not. Basically, Yes! I can hear you when your phone isn’t on ‘speaker’ but the volume is all the way up… I hear it loud and clear and can make out every word without having superhuman hearing abilities.
Shoulder Surfing and Tailgating – Ever cheat on a test by looking over a classmate’s shoulder? Ever follow someone in the turnstile at the subway to get the 2-for1 special? These are prime examples of shoulder surfing and tailgating, giving unauthorized people access to data or areas they don’t have the permission to obtain. In data centers, government buildings, and other sensitive sites, mantraps are used to prevent tailgating by making sure only one person has access at a time. Sound proofing and sound masking helps muffle sounds so unauthorized users can’t hear sensitive data.
Sound like overkill? Probably not if you knew the fines for not being compliant with HIPAA, DFS 500, SOX, SAE, etc. Those fines can absolutely crush a small business. Keeping files secured safely and backed up is just as important as someone being able to see a screen where sensitive information is displayed. I’m shocked how many banks, doctors, and dentist offices I walk by and can see information that I should not see. To report a violation or learn more about that process you can visit the Department of Health and Human Services.
Three factor authentication requires something you know, something you have, and something you are. What you know can be a password. What you are can be biometric like a fingerprint or retina scan. What you have can be a key, fob, or phone. Passwords should always be complex and kept secret. Unless you’re in a James Bond movie carrying a suitcase handcuffed to your wrist, something you have and something you are should be kept separate. Together, these three can be used to not only secure files digitally but to secure locations like a data center or office.
Be aware of your physical surroundings, whether planning out a data center strategy or walking to your car, it is important to be mindful of your environments including any possible threats. The old school methods are tried and true. Don’t let people into buildings that you don’t know. Make sure nobody is looking over your shoulder when you’re accessing sensitive information, in fact, don’t even do it unless you’re in a safe place Be aware of your physical surroundings, whether planning out a data center strategy or walking to your car, it is important to be mindful of your environments including any possible threats. The old school methods are tried and true. Don’t let people into buildings that you don’t know. Make sure nobody is looking over your shoulder when you’re accessing sensitive information, in fact, don’t even do it unless you’re in a safe place