According to a Bloomberg Business story, a cyber criminal can crack a six-character password that has all lowercase letters in just 10 minutes.
Using simple passwords is one of many common work habits that can result in a data breach risk for you and your organisation. Today, office security tips underline the importance of changing bad habits.
In a recent report by Ponemon and Experian Managing Insider Risk through Training & Culture, 66% of professionals said their employees are the weakest link in their organisations' security efforts.
Here are 10 everyday, bad work habits that increase the risk of a data breach – and ways to change them:
- Using easy-to-guess passwords. According to the 2017 Verizon Data Breach Investigations Report (DBIR), 80% of hacking-related breaches used either stolen passwords and/or weak or guessable passwords. The best passwords should be at least 9 characters and contain a combination of numbers, symbols and upper and lower case letters.
- Forgetting print-outs at the office printer. Whether you print a document but wait until later to pick it up or forget materials in the printer tray, confidential information is being exposed. Shred-it’s Information Security Office Reminders include always remembering to take printed materials from the printer.
- Leaving work out on your desk for tomorrow. This habit provides an opportunity for visual hacking and physical theft. Every workplace should enforce a Clean Desk Policy with desks cleared and confidential data locked away at the end of every day.
- Opening email attachments from someone you don’t know. The DBIR found that about 1 in 14 users are tricked by phishing emails, and 25% of them go on to be further duped. Learn how to spot phishing emails, and to resist clicking on questionable links or attachments.
- Throwing out old mobile devices. Even if you delete confidential data, information thieves can recover it from hard drives using special software. Partner with a recognised document destruction provider for secure hard drive destruction.
- Downloading unapproved apps. Many employees download apps for personal use onto their work devices. But many apps do not have proper security. Consult with the IT department first, or download to personal devices only.
- Delaying patches and updates. Security patches and updates protect computers from current known threats. Don't put it off - patch right away.
- Not backing up files. Anyone targeted by a ransomware attack may lose their important files. Back up files regularly, and store data in a safe place.
- Using public Wi-Fi to access confidential data. In a Harris Interactive survey, 31% of employees admitted to connecting to their company’s network from unsecured free or public Wi-Fi. But ‘public’ means you are more vulnerable to an attack. Don’t do it.
- Throwing paper documents into the recycling bin. Fraudsters inside an organisation and bin raiders may steal this information. A document destruction company provides a secure destruction process including locked consoles. A Shred-it All Policy helps ensure that all documents are destroyed when no longer needed.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and data security survey.