She once gave me the alarm code & then asked if I needed to write it down. Of course, I have 2 issues with that kind of thing; 1) unless you have the memory capacity of a tadpole, remembering 4 digits for roughly 30 minutes isn't hard & 2) writing a pass code down on a piece of paper is not secure!
This brings me to her recent revelation about passwords to a new member of staff. Apparently the "greatest risk" to companies "right now" is the hacking of their intellectual property.
While I agree that the security of IP is a risk that organisations & individuals should be concerned about, I think it is one of a few major risks, but not the biggest risk out there. Events in recent years have shown that things like floods, earthquakes, tsunamis, economic crises & planes flying into buildings, can have equally devastating effects on organisations - even countries!
But, moving along to the most shocking part of the revelation: Mrs Meticulous (as henceforth she shall be known) keeps a file on her laptop with her login passwords to sites she uses. Said file is in .doc format & for extra added security, the name is purposefully unrelated to the word "password" or any of its associations.
So instead of typing in her password every time, she copies & pastes her username and password into the login fields.
Her reasoning for this is that "people can hack or monitor while you type, but they can't hack your copy & paste".
Riiiiight!
The Windows clipboard can be 'hacked', specially if you're using Internet Explorer - made even more easily accessible by the fact that she is running a much older version of Windows too!
Not only that - but Mrs Meticulous has a file with login details stored on the laptop! She also has written notes kept in a little plastic A4 folder on her desk. The notes contain ALL her passwords, access details to all the laptops, the company server & the router...
It's like going away on holiday & leaving your house keys outside, next to a sign that says: "Free entry. All welcome".
The lack of common sense here astounds me!
Unfortunately Ms Meticulous is not alone in this. There are numerous people who throw caution to the wind when it comes to IT-related matters & don't apply simple logic to situations.
Yes, computers, gadgets & the internet may at times be complex, but simple common sense can go a long way!
So get some & apply it!
PS: Ms Meticulous also keeps a file on her laptop with all her family & company credit card details...!
No comments:
Post a Comment