July 28, 2014 by The GLS Team
Over the last several decades, technology has gifted us with some amazing tools. We do more with technology than we ever could have dreamed and most of us could not imagine our lives without it today. From advances in the medical field to the Internet, from mobile hot spots to text messaging, technology has advanced nearly every aspect of our lives.
Confidentiality: The Tech Challenge
Although technology has brought many modern conveniences into our personal and work lives, it has also brought some challenges. Some of these challenges include backing up and storing information, still connecting with people, dealing with outages, and even privacy and confidentiality concerns.
No matter what type of business or industry you work in, privacy and confidentiality are most likely big issues that are given a lot of time and attention. Having access to any type of confidential information comes with a lot of responsibility. It doesn't matter if you are dealing with confidential patient information or trade secrets; all of this information is vital and in the wrong hands can cause havoc for the individual that breached it and that company that it belongs to.
Taking Workplace Security Home
In our fast paced world, work seems to never stop. More and more employees across several different industries are working longer hours, taking work home, and never seem to put boundaries on their business hours. While taking work home can play a big role in balancing work and family and having an edge in your department, it also presents some problems.
Whether you are working from home, a doctor finishing charting or taking a call, or you are finishing a project at home, you should be implementing security and best practices in your home. It starts with not leaving confidential papers, projects or information out where others can see it at home. However, if your work involves any type of technology, security goes even deeper than this.
Guidelines for Security and Working from Home
If you are bringing home confidential work information or using a personal device to save important company information, always be sure to seek the appropriate approval. Your company should be aware of what information you have access to from home and on your own devices. You should have a clear and concise reason and purpose for needing the confidential information at home.
It is also recommended that companies enact policies regarding working from outside the office with secure and confidential information. Depending on the size of the company, the IT and legal department should be highly involved with these policies. Many times, purchasing online training products from a company, such as Global Learning Systems, will help employees learn how to identify and avoid threats, while ensuring compliance is met and data is secure.
Once you have approval to use such information when working outside of the office, you should keep all of your work and personal devices with confidential information on them locked, password protected, and appropriately and safely stored away when you are not using them.
You should also set up security measures from your home computer and Internet to protect confidential work and personal information. If your company has an IT department, they may be able to help with this and make sure that your system is up to date with its firewalls and protection or security system. In addition, be sure that no one in your home has access to your work log in information, such as usernames and passwords. Confidential information should not be stored on flash drives or other small portable storage devices, as these are easily lost and can be quickly stolen, causing a compromise of the information.
Working from home can be a wonderful modern day convenience. When done correctly with the proper protocols, forethought, and security, important information can remain confidential, even when working from home.
July 11, 2014 by Carsen
We are excited to announce our Security Awareness Training received another recent award: the Gold award in the Training, Awareness and Educational Programs category at the 9th Annual IT Industry’s Hot Companies and Best Products Awards, hosted by Network Products Guide. In addition, our OnDemand learning management system (LMS) received the Bronze award in the Cloud Computing/SaaS category.
Our news release can be found here for more information on this award.
These industry awards are the world's premier information technology awards, honoring achievements and recognitions in every facet of the Information Technology (IT) industry.
For more information on security awareness training for your organization click here.
July 09, 2014 by The GLS Team
More organizations are part of the growing trend of BYOD or Bring Your Own Device to work. While this policy provides convenience for employees and increases productivity, it also increases the company's level of risk. With so many people using mobile devices to connect with the Internet or intranets, there is a greater possibility of security problems. Hackers have managed to enter a company network through the Internet connection on a smartphone. To protect the information and data stored on your devices, here are five best practices to follow.
1. Limit Data Shared
One good way to keep others from discovering your personal and company information is to not place sensitive data on mobile devices. Although these devices are meant to make your life more convenient as a repository of photos, contact details of family, friends, and colleagues, the devices all leave you more vulnerable to a security breach.
2. Require Authentication
With authentication, you have to prove who you are before gaining access to a mobile device. In most cases, the authentication is a password or a personal identification number or PIN. The trick is to create a password or PIN you can remember, but is hard for anyone else to guess. For best results, users need a password that is at least eight characters long and contains capital letters, lower case letters, numbers, and symbols. These types of passwords are harder to decipher. A PIN should also be difficult to uncover (don’t use 1111, 1234, etc). If you believe a phone only allows for 4 characters, check your security settings. In many cases you can turn off the “simple” PIN in your settings, which will enable you to create longer passwords.
If you choose to use swipe authentication, it needs to be a complicated pattern that someone wouldn’t normally guess or try. For example, don’t do a line up, or swipe left or right.
Once you have a good password or PIN in place, it's also a smart idea not to write it down on a piece of paper and leave it near your device. In addition, remember to turn on the device authentication in case the device is ever lost, misplaced, or stolen. This prevents anyone who finds your device from actually using it.
3. Remember to Log Out
One of the easiest ways to protect the data you have on your device is to log-out of the services you’re using and remember to lock your device. Staying logged in makes it possible for others to gain access to the information you have stored on your device. For example, you may be logged into multiple accounts on your mobile device (such as social media accounts, email accounts, etc.), and if someone were to gain access to your mobile device with all your accounts logged-in, they have instant access to your accounts and information. Even before going to the bathroom or getting a cup of coffee you should first log off your accounts. Yes, it can be a nuisance to have to log back in a few minutes later, but an experienced hacker can download a lot of sensitive information in just a few minutes (and we’ve all seen what friends can do when they “hack” social media accounts).
4. Use Encryption Tools
Encryption is another important part of security. With encryption, the data transmitted, received or stored is scrambled so it is impossible to read if intercepted by hackers. Most mobile devices offer encryption capabilities, but you have to enable them and use them correctly to protect your information. If your device does not have built-in encryption features, you can purchase and install third-party encryption tools. You need to encrypt the memory card or any data stored on the device. Organizations should mandate that all employees use device encryption.
5. Install Anti-Malware Software
Mobile devices are also susceptible to viruses, spyware, malware, Trojans, worms, and other malicious content that can infect your device or gain access to the company network. Most mobile devices do not have security software pre-installed. In these cases, consider buying and installing commercial software designed to protect mobile devices from attacks.
Mobile devices in the workplace are now part of business culture. To learn more about information security in the workplace, Global Learning Systems has a great security awareness training course. The best thing organizations can do now is to take security threats seriously by implementing policies that strengthen mobile device security.