Physical security matters!
In a recent incident reported in US news, an office secretary unknowingly gave some of her law firm’s most private data to a gentleman who had bought a Comcast Cable polo shirt off eBay. He dressed in khakis with a tool belt, and told the secretary he was there to audit their cable modem specifications and take pictures of the install for quality assurance. She had no reason to suspect he was part of a now-extinct hacker ring who would gain access to a business’s private network by going inside the office and noting the configuration details and passwords for their firewalls and cable modems. In some cases, they actually built a secure VPN private backdoor they later used to steal data. If someone dressed up in a utility-provider uniform, would you let them in?
Ask for identification and who they have spoken with about the service they are performing, and be gracefully suspicious, as they say in the South. Keep any company policies about how visitors are allowed in the building, if such policies exist. If those kinds of policies don’t exist, work to define them. This is a real problem your office needs to address.
Stop back weekly to see our latest IT Security Tip.
Or, you can sign up and we will email the tips to you!