It’s important to recognize that very few (if any) office environments are completely secure. Vendors, cleaning crews, landlords, service providers … these “outsiders” are all likely to have access to your work area in some capacity or another. In addition, your job very well may require you to handle sensitive data and files that other coworkers should not be privy to.
When it comes to cybersecurity, you need to think about maintaining your “circle of trust”—and three habits can make a difference both in the office and out.
We definitely get it: Password management is a huge challenge. With virtually every system, app, and website requiring you to create a login—and with all reputable cybersecurity advisors cautioning against reusing passcodes—it’s almost impossible to remember all the complex passwords you’re asked to manage on a day-to-day basis.
Even so, writing your credentials on a sticky note or sheet of paper that you keep handy in your workspace is not a safe choice. We’ve heard many stories of password lists found under mouse pads and keyboards, and in unlocked desk drawers. It could take just a moment for someone walking by to snatch up a list that’s left in an unsecured location. And if a cybercriminal accesses a system using your credentials, you could be in the hot seat.
There are ways to simplify password management and make your life a little easier. Consider these pieces of advice:
- Password managers are a good option for electronic management of your login credentials. Approach your IT team for advice or do some research to identify well-reviewed and reputable options.
- If you want to go it alone, passphrases can be easier to remember than complex passcodes. Opt for something that is personal to you, but makes sense for the site you are visiting. If you are creating an account for an online bookstore, for example, think of something like “Scarlett O’Hara Is My Hero” or “I <3 2 read Sci-Fi.”
- Be particularly diligent with systems and sites that are high-value targets: corporate and personal email accounts, banking and payment sites, social media accounts, etc. Because attackers will try to use compromised credentials across multiple systems, you should never repeat passwords across these types of applications.
Tip #2: Lock Before You Walk
One of the simplest and most effective ways to ramp up cybersecurity is to employ a basic physical security measure: Lock up items that aren’t in use. Keep these easy, relatively low-tech best practices in mind:
- When you step away from your computer, even for just a few minutes, lock your system to prevent unauthorized access. Take small mobile devices (smartphones and tablets) with you whenever possible. Otherwise, lock them in a drawer or cabinet rather than leaving them out in the open.
- At the end of your work day, power down your devices and lock up any portable electronics that you are leaving behind (laptops, tablets, smartphones, etc.).
- Secure sensitive files and data at all times. Don’t leave folders, calendars, planning notes, or portable storage media (like CDs or flash drives) accessible to unauthorized individuals.
- Don’t leave your access cards and fobs unprotected. If you aren’t carrying them with you (which is recommended), secure them in a desk drawer or cabinet.
Tip #3: Think Beyond the Desktop
In addition to sensitive papers and data that might be visible on your desk itself, you should keep security top of mind when using whiteboards and printers.
Many brainstorming sessions and project plans are facilitated with the help of whiteboards. If confidential notes or ideas are captured during a meeting, be sure to erase sensitive information once the meeting ends. (If you need to capture notes for future viewing, take a picture with a smartphone. You can upload it to a secure server, then delete it from your device.)
You should also take steps to ensure that confidential printouts are not left on printers in public areas. Make it a habit to utilize secure printing functions (which require you to enter a code at the unit to initiate a print job) whenever possible. This helps to eliminate situations in which sensitive materials are forgotten about and, as a result, data security is compromised.