by Craig S. Mullins
As you work to protect your data in this day-
Usually I write about technology but the non-
First up, buy an industrial paper shredder and make sure your staff uses it. If you don't shred, you will expose yourself to a breach by dumpster divers. Business users should be shredding reports with sensitive data instead of just pitching them in the trash. And technical people may need to be doing the same. Even test data, if it was drawn from a production source (and not masked) can be sensitive, and programmers should not just be tossing their test results into the trash where anyone can come along and pluck out juicy morsels of data.
Next up, be aware of your environment. This is mostly for the travelers out there (and I am one of them). We fire up our laptops literally everywhere. When you do so at an airport (for example), are you aware of the people around you and whether they can see what is on your screen? A lot of sensitive data can be lost simply when the wrong person looks over the right person's shoulder. So huddle up in the corner, consider buying an anti-
Be careful in how you dress. Okay, you might be thinking, what the heck is he getting at here? Well, a lot of us in the business world have shirts with our company logo on them. And we wear them proudly, as we should. But if you are wearing that shirt and using your PC, that person surreptitiously viewing your data can more easily place it in context if they know where you work. A lot of us even have those little property ID tags on our laptops. They were put there with the best of intentions -
Of course, in the worst case scenario, if a hacker finds your stolen laptop, the tag tells them exactly where the laptop came from and they will adjust their interest level accordingly. I suppose if you were really worried you could just have an anonymous postal box listed for the return of lost equipment and not put your company name on the ID tag at all.
And what about your security badges? Those ones you need to get into and out of your building? Do you wear them out to lunch? Someone intent on gaining access to the building to steal your data will be able to see what they look like ... and possibly make a cheap (or expensive) lookalike and then tailgate his way into your building. Company policy should state that you do not wear your access badge outside of the company at all -
Well, that is enough grousing about non-
From Database Trends and Applications, April 2010.
© 2012 Craig S. Mullins,