Companies don’t generally leave their IT security to chance: a large range of software and equipment solutions is often implemented and maintained by teams of experienced professionals. But, despite this painstaking work, one crucial point remains out of the experts’ control: the human factor, i.e. user behaviour, especially when the user is working remotely or using the same laptop at home and in the office. When you also take into consideration the external equipment regularly connected to a company’s network – such as USB keys or PDAs – monitoring becomes increasingly complicated. Without the users’ cooperation, it is impossible to ensure that the company’s network is protected. Here are some basic rules for protecting your data when working in the office, out of the office and at home.
Passwords written on a Post-it stuck to a computer, stored in a file or told to other people (colleagues or not): all very risky practices that are nevertheless very widespread in the workplace. Choose a password that’s difficult to guess but easy to remember (see our article "How to choose a password"), and be sure never to write it down anywhere. Change it at regular intervals and don’t tell it to anyone.
Skype, MSN Messenger, ICQ and Kazaa are certainly popular and undoubtedly very useful software applications, but they have no place being on your work computer (unless one of them is used as the company’s official messaging system). Regularly exposed to software vulnerabilities and virus attacks, this software can open the door to all kinds of infections. Especially if files transmitted through them are not analysed by the company’s antivirus! And if you want new software on your workstation for professional use, talk to your IT manager before installing a beta version or a version found on the Internet. They’ll be sure to offer you a legal version of the software so that you don’t put the company’s IT security in danger. Needless to say, illegally downloading music onto your work computer is not advised at all!
If you need to connect personal devices like PDAs to the company’s network, ask for help from your IT manager to avoid infecting the network with any possible viruses.
As a company’s antivirus is regularly updated, email security is for the most part already guaranteed. However, it’s still worth applying general rules of caution, such as never opening suspicious attachments. Don’t reply to spam either (all that will do is confirm your email address) and avoid downloading free personal software as they often contain spyware.
It’s not advisable to let family members or friends use your work laptop. But if you decide to do so, at least take the necessary precautions. Set up password-protected profiles for each user so that others won’t have access to company data. You can also create passwords or set up extra protection for certain confidential files so that they cannot be accidentally changed or deleted.
The company’s network security system protects your data in the office, but what about your home Internet connection? Don’t forget to update your personal antivirus and to install a firewall.
Who among us hasn’t already tried to install software CDs onto their personal computer that we have found in the office, or to pass the CDs along to friends? Unfortunately this seemingly-innocent practice is in fact a violation of the rules governing software licences. These licences are often granted for a fixed number of computers to a particular company, and don’t allow uncontrolled installations outside of these contractual boundaries.
Security cables to lock your computer in place are indispensable for those using laptops outside of the office. Don’t forget that if your computer is stolen, so is your data! Look after your laptop’s battery too by not having your laptop permanently plugged into the mains: a rechargeable battery is like a muscle, exercise is vital for it!
