http://www.timesonline.co.uk/tol/life_and_style/career_and_jobs/recruiter_forum/article4836584.ece By Carly Chynoweth The Sunday Times September 28, 2008 Firewalls, passwords and high-tech entry systems are all very well but they cannot stop someone from leaving documents on a train or lending their pass to a work-experience student. With all the attention being given to hacking, identity theft and computer-related security recently, it is easy to forget the key role that staff play in corporate security. "People are beginning to realise that the data-security leakages we have read about in the press are never down to technology - they are always due to people screwing up," said Martin Smith, chairman and founder of The Security Company (International). "So many things have gone wrong; all of them could be solved with management and training." One of the first steps that organisations should take, he advises, is to make sure staff understand the security implications of the decisions they make each day. This should help to minimise security breaches brought about by carelessness, such as holding sensitive conversations in public places or sending unencrypted private information through the post. "Most people want to follow the rules as long as you tell them what they are and what the consequences of breaking them will be - both for them and the company," said Smith. He tries to get the message through by asking staff to protect business information as if it was their own personal secret. "I tell them to treat the documents they deal with at work as if they are letters from their boyfriend that they don.t want their husband to see," he said. In other words, do not leave them on a desk where an outsider visiting the building for a meeting might spot them. "And I tell them to treat their password like chewing gum - do not share it or stick it on your computer." [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Mon Sep 29 2008 - 00:26:25 PDT
This archive was generated by hypermail 2.2.0 : Mon Sep 29 2008 - 00:39:40 PDT