Hackers can take advantage of lax or polite employees to penetrate a physical office space. In this video, learn about how to identify potentially suspicious characters and know how to respond in a day-to-day situation.
- So get this. It's important to understand that cybersecurity attacks in the workplace aren't only conducted online. Company employees should also follow physical security practices to protect against vandalism, theft, and corporate sabotage. For a sophisticated hacker, having physical access to a mobile device or computer is essentially the same as having access to all the information stored on that device, or potentially even access to data on a company network. A study conducted by the Ponemon Institute surveyed 650 individuals involved in their organization's strategy for the protection of confidential and sensitive information. 68% of respondents reported that their organization experienced a data breach in the past 12 months. Of these, 69% said one or more of these data breaches involved the loss or theft of paper documents or electronic devices containing sensitive or confidential information. The survey found that two of the most commonly compromised physical asset types were paper documents and laptops. The most common locations of theft were at the victim's work area or employee-owned vehicles. And if you think most physical breaches are the result of sophisticated tactics straight out of a high tech heist movie, the reality may surprise you. Hackers use simple social engineering to exploit vulnerabilities in human nature and access confidential data. In this case, Chet. - There's only one of 'em, and that's definitely not me. - Oh hey, watch yourself there, bud. Let me get that for you. - Thanks, man. - You the man. - Thanks again man, so what do they got you doing here today? - Oh, I'm with FO and YH Vac, I'm meeting Paul upstairs in GWS, yeah, it sounds like there's some issues with your FOVs which are causing EUH problems. Yeah, definitely want to get it under control before-- - Hackers often claim to be legitimate vendors, sometimes wearing uniforms, and offering bogus reasons for requiring entry. It's not exactly CIA-level spycraft, is it? But it works, and once a hacker has access physically, there's a whole host of vulnerabilities that they can exploit. - Yeah, uh-huh. It's going to be huge. Yeah, I've got that right here, working on it right now. - Hackers look for any way to access sensitive information. Loose papers on a desk, in a trash can, an unattended laptop or an external drive, writing on a post-it or a whiteboard. Basically, Chet's workstation. - I got to go. Hey, what are you doing? - Your delta Ts are way out of wack. - Hey, what's happening? - What are you doing? - It can be easy to let your guard down in an office environment, if you think that security is someone else's job. But watch, it only takes a few minutes for someone to steal confidential information. Chet just gave that guy unfettered access to the whole building. He could be doing anything right now. He could be installing a new wireless access point, collecting passwords from anyone who connects to it. You got to do better, Chet. - Who are you? How does she know my name? - While online activity often comes to mind when thinking about cybersecurity, physical security is the first step to protecting digital information.
- Protecting sensitive information in your physical office
- Avoiding malware attacks
- Social engineering attacks, such as voice phishing
- Avoiding security attacks on smartphones
- Identifying different types of email scams
- Best practices for working with both public and home Wi-Fi
- The benefits of using VPN
- Creating strong passwords
- Protecting company and employee information