Oct. 26, 2007
By Sean O'Malley
Editor's note: Through October, the Office of Information Technology will offer information security best practices in observance of National Cyber Security Awareness Month.
Quick, what is the least secure part of your computer?
If your answer was the operating system, the hard drive, the network card or any other "part" of the actual computer, you're wrong.
"The least secure part of any computer system is the person using that computer," says OIT senior security analyst Ed Carter.
Focusing only on the computer can be a mistake, Carter notes. "It's the information that has value, more so than the system," he says. "Protecting your computer is an important part of protecting your data, but it's not the only part."
Stray printouts and sticky notes, both decidedly low-tech, can turn into high-tech security headaches. Individuals looking to compromise a computer system often will go "dumpster diving," sifting through office trash and shared printer areas in search of stray papers that include passwords, bank numbers or personal information. For this reason, Carter recommends never writing down a password and making sure to shred any printouts that might contain sensitive information.
Shared printers also require extra care. Avoid locating a departmental printer in a public space. Ideally, only those individuals who use a printer should have physical access to it. Likewise, it's a good idea to politely challenge unfamiliar individuals wandering through your office space. Dumpster divers don't like to be noticed. A simple, "Hi, can I help you find someone?" usually is enough to let that person know that you are aware of their presence.
Taking these simple, low-tech steps can make a major difference in the security of your electronic data.
[ 30 ]