By Akintunde-Rotimi Olawale | 14th June 2019 13:34:58
The work environment being professional needs to be treated as such. There are certain security practices and policies that every employee must adhere to in order to keep data and information relating to the company safe
The work environment cannot and should not be treated as just any environment. The data and information within any company/organization plays an integral role in either the upliftment or downfall of such company. Hence there are certain practices and policies that must be adhered to within the company.
- Never Leave PC Unattended For a Long Period: This is a very important point as it seems to be ignored. Take for example, an employee is logged in to the company's bank account online and decides to go on a lunch break without logging out from the online banking profile and leaves said computer on. This right here is a security breach/financial downfall waiting to happen. This is because anyone can easily steal private company information or even perform some disastrous activity on the company's banking profile. To fix such issues, employees must always log off from their PC's when intending on leaving their offices for a period of 20minutes or more.
- Use PC's (Workstations) Not Laptops: We all know that laptops are considerably more comfortable in tersms of use as compared to work-stations. But that's just the point. Because laptops can easily be moved from one place to another, the data and information can also be stolen in such manner.
- Report Suspicious Activities: Ignorance has no space in a work place environment. Every suspicious activity must be reported promptly irrespective or priority. For example, when trying to login to your PC, it no longer asks for your password. Such cases must be reported to the IT team if available or to your direct superior.
- Password Rules:
Avoid writing passwords on pieces of paper. If you must make your password complex(adding special characters), it should be something still unique and easy to remember. For example, your name is Jessica Phillips. Your password could be JE$$Ica_PhilliP$2o19. Also avoid using the same password on multiple systems/sites as once it is compromised, it could be disastrous.
- Control of Information: This entails restricting what each employee must know regarding the information and data in your organization. For example, only employees with a certain security clearance should know the online banking details or SARS login information and so fort. This helps in controlling the flow of information as even if a breach occurs, it'll be easier to narrow down as to which employee faltered.
