As we welcome in the New Year, it’s common for people to make a few New Year’s Resolutions. Let’s make a few New Year’s Information Security Resolutions! This year I challenge you to resolve to do the following:
1) Do not write down passwords on any post-it notes or in a journal.
2) Stop anyone you see wandering around the office without identification, and/or call security.
3) Download and install updates as they are released.
(Even when you’re ready to shut down and leave the office and it’s configuring 4 of 15 updates…)
4) Do not open emails from mysterious or unknown senders.
5) Never click on attachments in email from unidentified senders.
(Never, I mean ever!!)
6) Keep handy the phone number of your Incident Response/Forensic Partner.
7) Back up your system regularly.
8) Keep up to date on Patch Management. (More for the Systems Admins out there.)
9) Make every visitor sign in, wear their badge, and be escorted. (More for the Receptionists out there.)
10) Change your password when required.
Without complaining.
Even when it seems like it’s the 6th time this month.
11) Take the security awareness training and test required by your employer.
12) Be kind to your Information Security team. They’re only trying to protect you, your company, and your clients.
Hope you all have a safe, secure and happy 2011!
Nancy Sykora
Sr. Account Executive