Guest article by Jeremy Anderberg, Green House Data

The last couple years have seen incredible innovations in IT hardware and software security. Because of that, you’d think that security would start to be less of a problem for IT departments. Unfortunately, around 80% of data breaches are still the result of user error. This is not a problem that software upgrades can take care of. The good news, however, is that proper training and processes can make a huge difference for your company.

Here are 5 areas where you can improve the security of your sensitive information nearly overnight.

Paper Trail

Look around any workplace environment and you’ll likely see stacks of papers piled on top of desks, and often times these piles are a bit more disorganized than we’d like to admit. Paper documents are still a part of business. In fact, the average American worker still use roughly 10,000 sheets of paper per year. That’s becoming less the case as we get more digital, but the necessity for paper in some instances is still present.

These stacks of papers lying on top of desks can pose a security threat. Whether it’s a possibly nosy coworker or a theft in the night, you may be at risk. Especially if you haven’t cleaned up in a while, there may be sensitive information hiding out that you don’t even remember. The solution, thankfully, is really quite simple. When you are done with a document that contains sensitive information, shred it ASAP. Don’t just leave it sitting around. If you have papers that need to be kept, at least lock them up in a file cabinet each night before leaving. It not only protects your company, but keeps your desk nice and tidy as well.

Logging On/Off Regularly

This is perhaps the easiest and quickest fix on this list. The simple act of logging off or shutting down your computer when you leave the office helps protect your data in the evening and through the night. This is a common enough practice. What we don’t often think about is logging off when go to the bathroom, take a 15-minute break, go out for lunch, etc. Especially in big companies, you may not know all the people working around you. And as history has too often shown, you sometimes can’t even trust those you do know. It’s much better to be safe than sorry. You may consider it a hassle to lock down your computer every time you leave your desk, but in reality, it doesn’t take more than 10-20 seconds of your time.

Passwords

It seems like everyone knows that passwords are an easy target for hackers, but not many people do anything about it. Somehow we still all have some combination of a name/nickname along with a 4-digit birthdate. Hackers are too sophisticated to be stopped by “Fido0404”. A few password tips for you, and please, take these seriously.

• Use something complex! It seems obvious, but it has to be said. The best password, as discovered by researchers this year, is actually a sentence. Come up with a sentence that you can remember easily, then transform that into a complex-looking password. For example: “The Alabama Crimson Tide football team won the 2013 BCS championship game.” Translate that to: TACTftwt13BCScg. It looks random and complex, but it’s something you can hopefully easily remember.
• Change your computer password every 30 days. Many companies, and even operating systems, have this functionality built in. They often use 45-day cycles, but you can break the mold and make a note to change yours on the first of each month.
• Don’t share with anyone. Again, this should be obvious, but it’s not. It’s not uncommon for a coworker to borrow a computer for a presentation or need something when someone is sick at home. The temptation is to just say, “Hey, what’s your password, I can take care of it.” Don’t do it! Always type in your password yourself. You just cannot be too cautious.

Zip Drives

These little technological wonders have caused many headaches for CTOs and CIOs. They are incredibly small and portable, which makes them handy, but also susceptible to being lost, forgotten, and easily stolen. The best rule of thumb is to simply not keep sensitive documents on your zip drive. If it’s absolutely necessary, you can password protect and encrypt the documents to ensure that even if your device does go missing, you can have some piece of mind that the information on it won’t be compromised. Also be sure to go through the files on your drive on a regular basis. There’s a good chance you have some documents in there that don’t need to be, and you just haven’t gotten around to deleting them.

What can you do to make sure that your drive doesn’t get lost in the first place? Don’t lend it to coworkers outside of transferring files for a few minutes at a time. Keep it stored safely in a zipper pocket in a briefcase, or perhaps on your keychain to make sure that you know right where it is at all times, and would know immediately if it had been snatched. If you don’t need the zip drive for the evening, you can even leave it locked up in a desk drawer.

Mobile Devices

This one is tricky because it is so expansive and broad to cover in just a couple paragraphs, but there are a couple easy things you can do. The easiest way to make sure that your mobile device won’t be a boon on security for your company is to simply not use it for any work functions. Obviously that’s much easier said than done. There’s a chance, though, that some of your employees could either have a separate work cell phone/tablet, or just have the discipline to keep their email and other documents off their devices.

The rise in popularity of “Bring Your Own Device” (BYOD) policies should also be mentioned. Many companies nowadays are asking that employees use their own devices for work purposes and be reimbursed, versus simply supplying everyone with a smartphone upon hiring. With that, there is often a set of security guidelines to comply with. Make sure you are doing so and understand all the provisions what “What If” scenarios. In some cases, IT even has the ability to remotely wipe a phone of all data should be it compromised.

Having said all that, the easiest way to protect your phone is to simply password protect it. And again, shy away from birthdays or the obvious (you’d be amazed how many folks have “1234” as the password to get into the hallowed ground of their iPhone home screen). A truly random four-digit number will be best. Depending on your service provider, you can also have your phone tracked and remotely erased of data should it become lost or stolen. Check with your provider and get this service set-up for your business devices if you haven’t already.

Bonus Tip! Viral Content

This rule is just so easy to break, it’s almost unfair. We all know those emails we get from coworkers with headlines like “World’s Largest Rabbit!” and “Cat Does Double Backflip [Video]”. They are so easy to click on, and yes, sometimes even necessary for workplace sanity. The problem is that hackers and spammers will create links with these types of attractive headlines and inevitably get people to download viruses and other malware onto their computers. When you’re at work, it’s best to simply not click on any of those emails unless it’s from a coworker whose identity and email address you can be absolutely sure of. If there is even a tinge of doubt, just delete it. A few minutes of laughter is not worth the headache of a corrupted network.

Another great tool is onlinelinkscan.com. If you have any doubt about a link that a coworker or your dear Aunt Mabel sent you, go to that website, pop the link in, and it will scan for harmful content. You have no excuse for clicking bad links anymore!

With a few small and consistent changes to your everyday workplace habits, you can make sure that you are not the one to blame for a data breach.

Green House Data is a cloud hosting and colocation services provider with facilities across the country. With our totally secure services, you’ll never have to worry about the hardware/software aspect of data security again. To learn more visit our website at www.greenhousedata.com.