True North Networks Blog
Cybersecurity in the Workplace is Everyone’s Business
Working for a Managed Service Provider, our engineers see and deal with lots of “mistakes” that our clients make in the workplace. In honor of last month being Cybersecurity Month, read below to see common mistakes that you may be making that your MSP secretly wishes you wouldn’t make.
- Lock your computer
Plenty of people lock their computers when they walk away from their desks, but enough people don’t bother - that this one is top of my list. Remember to lock your computer! To lock your Windows computer use CTRL+ALT+DEL and select Lock, or press ⊞+L. (That square character is the key with the Windows logo on it.)
- Loose lips sink ships
It’s easy to leak information by accidentally sending things to the wrong people, saying the wrong thing in the wrong place, mislaying printed documents or leaving meeting rooms without erasing whiteboards.
Re-read what you’re about to sending in emails, instant messages or texts, and make sure that what you’re about to send will go to your intended recipients. Review files before attaching them – it’s easy to leak sensitive information if it’s in a small section of a much bigger spreadsheet or document. Erase the whiteboard before you leave a meeting room to ensure nothing confidential will find its way onto the mobile phone of a camera-happy passer-by.
- Save regularly
Saving things regularly, to the appropriate place – such as network drives – ensures that the data you have is secure in the event that your laptop is stolen. Your MSP will make sure your work laptop is encrypted so that your data won’t end up in the wrong hands if your laptop is lost or stolen, but we can’t recover your data if you haven’t saved it somewhere safe and secure where we can keep an eye on it for you.
- Separate personal and professional
If you use your home email, personal messaging account, or anything else outside the reach of your IT’s policies, for work, then we can’t protect you and you’ll be answerable for the consequences. If you use your work computer, email or phone for personal stuff, for eBay, PayPal, pictures of your kids and pets, it won’t be there if you leave the company and can cause potential security issues as well.
The principle of least privilege applies – we don’t need access to your personal stuff so we shouldn’t have it.
- Tell us what happened (seriously, tell us everything)
Finally, if you have to report something to your MSP, please don’t cut down or amend your story. Something small and insignificant can drastically change the troubleshooting steps we need to go through and even a small detail missed can reduce our efficiency and effectiveness.
We want to know literally everything you can remember before and after an event to build a better picture of what happened. (We will find it eventually and be annoyed you didn’t share!)
We’re on your side, and we’d love to have you on ours – we’re all in this together.
Resources taken from: https://nakedsecurity.sophos.com/2017/10/09/how-to-do-cybersecurity-at-work/