You can’t expect your personnel to know how to safeguard information and computing devices if you do not tell them *HOW* to safeguard them!
Humans are not born with an inherent instinct to automatically safeguard information assets. In fact, some folks seem to be born with a pre-disposition to fling caution to the wind when it comes to protecting information. Why else would someone drink three tall beers while working alone in a busy airport bar/restaurant and then leave their laptop completely unsecured on the table top to go somewhere else down the hallway out of sight for 30 minutes? (Saw this on a recent trip.) Yes, I know the alcohol had some impact on their decision-making, but think about all the folks in your organization who have a tendency to do risky activities even without the influence of alcohol.
The fourth section from the second article in the June issue of my “IT Compliance in Realtime Journal” discusses why all organizations must provid training and ongoing awareness communications to their personnel for how to protect mobile computing devices.
You cannot expect your personnel to know how to safeguard information and mobile computers if you do not provide them with training and ongoing awareness for how to do it! Deja vu…did I already say this? You bet; and I’ll probably say it a few million times more in my lifetime because it is so important, yet so seldom considered!
Here’s an unformatted version; you can download a much nicer PDF version of it with the entire June Journal…
Posts Tagged ‘policies and procedures’
Tell Personnel How to Protect Mobile Computing Devices and Storage Media
Tuesday, June 24th, 2008Make Your Personnel Aware Of Mobile Computing Security Requirements
Monday, June 23rd, 2008If you don’t encrypt sensitive and personally identifiable information (PII) on mobile computers, you are at very high risk of having that information breached. It seems that laptops practically scream “Take me!” to any potential swindler who happens to pass by. Yet one more in the daily news reports about mobile computer thefts provides a good example of this; “World’s Largest Telco Admits – We Didn’t Encrypt Laptop Data”
The third section from the June issue of my “IT Compliance in Realtime Journal” discusses why all organizations that use mobile computing devices for business purposes must ensure their personnel know and understand how to use mobile computers in a secure manner. You cannot expect your personnel to know how to safeguard information and mobile computers if you do not provide them with training and ongoing awareness for how to do it!
Here’s an unformatted version; you can download a much nicer PDF version of it with the entire June Journal…
Six Ways Organizations Can Lessen Mobile Computing Risks
Friday, June 20th, 2008Geesh, every single day there is at least one news report about a stolen or lost mobile (laptop, notebook, PDA, Blackberry, etc.) computer! Today one of the reports was about a laptop computer, containing cleartext information about 11,000 hospital patients, that was stolen from a doctor’s home in Staffordshire, U.K.
A couple of days ago I posted the first section from the second article in my “IT Compliance in Realtime” journal issue for June.
Here’s the second section from that article…
Mobile Computing Security Problems Exist Throughout the World
Wednesday, June 18th, 2008Every day, literally, I read news reports about lost or stolen laptops. Today is no exception. The news report, “A Misconfigured Laptop, a Wrecked Life,” chronicles how one man had his first work laptop stolen, and then he was fired when the second work laptop he was issued as a replacement was found to have pornography on it…either it was pre-loaded when he got it, or lack of prevention software allowed someone to remotely load it on his computer while he was online.
Hold Your Vendors To Their Promises
Tuesday, June 17th, 2008Sometimes you just need to let a business know if their service or product is subpar. You should always let a business know if their product or service is downright rotten. You definitely need to let your vendors and business partners know if they are not meeting your expectations or contracted requirements. This certainly goes for not only our business partners at work, such as our software and hardware vendors, service providers, and outsourced entities, but also in our everyday lives.
Today I was motivated to write a pointed letter to a restaurant that I usually enjoy visiting. Here is what I wrote…
100+ Hot Spots During A Short Drive Around Town
Monday, June 16th, 2008Last Friday my 8-year-old son and I looked for a wifi hotspot to work from while my 11-year-old son was at band camp for the day (I didn’t want to waste gas by driving all the 25+ miles back home, and then driving into town again to pick him up at the end of the day). We discovered the IHOP close by actually has free wireless access…I did not know that! So, we had lunch there and I did work while we ate.
Be Prepared…Is Your Disaster Recovery Plan Current?
Thursday, June 12th, 2008I’ve been in Vermont this week at the Norwich University MSIA residency week.
It was storming and treacherous with tornadoes when I left my Iowa home on Sunday morning, and it took me two days to get to Vermont because of flight cancellations. Now I’m sitting at the Burlington, VT airport wondering if I will be able to make it home tonight, where Iowa is still experiencing horrific weather, and has sadly seen the tragedy of a tornado, last night, killing four and wounding close to fifty boy scouts at a wilderness camp there.
Think and Look Before You Send that Quick Message!
Wednesday, June 11th, 2008Every month, and sometimes weekly, I see a privacy breach that is a result of a messaging mistake. People need to be more careful about all the types of electronic messages they are sending and not so quick to hit that send button!
Here is the fourth, and final, part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy“…
Think and Look Before You Send that Quick Message!
Wednesday, June 11th, 2008Every month, and sometimes weekly, I see a privacy breach that is a result of a messaging mistake. People need to be more careful about all the types of electronic messages they are sending and not so quick to hit that send button!
Here is the fourth, and final, part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy“…
Let Your Personnel Know Their Messaging Boundaries
Tuesday, June 10th, 2008Here is the third part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy“…
