There are no shortage of philosophies when it comes to computer and network security. Keeping data secure and private should be the number one priority for all those philosophies. One thing that is usually missing from these philosophies are the human component.
As IT Technicians, most of the time we forget that the users we help are just trying to do their job with minimum amount of interruption. Users most of the time will prefer efficiency over security when it comes to their computer system. If a security measure stands in their way, clever users can find a way around it. An example is when computers started to become popular, yet they were not as mobile as they are now, hospitals started having computers on carts so that doctors could have access to patient’s digital records when the doctor visited them in the hospital room. However, doctors forgot to lock the computer when they walked away, leaving the patient’s health records exposed to anyone passing by. The hospitals IT Staff responded by adding proximity sensors to the carts that will lock the computer when the doctor walks away. This meant that the doctor would have to type in the computer password (if they remembered it) again when they returned, even if they only left for a very short time. To prevent it from locking, the doctors would put their coffee cup on top of the sensor, thus preventing the computer from locking if they moved away. This took security back to square one. Listening to the Doctor’s feedback and some education on the IT staff’s part was crucial to solving this issue.
In an office setting, it’s common for users to forget their passwords, especially if the Sys Admin have stringent rules like password change every 90 days, along with high complexity requirements. Getting calls about resetting passwords, on top of other usual calls can amount to a lot of unnecessary calls. Even on the user’s side, they want to avoid calling the sys admin to get their password reset. A common way users prevent forgotten passwords is to write it down on a post-it note and keeping it somewhere secure (like taping it to the lower right quadrant of the monitor). Frivolity aside, this is a security risk for that system. If this is at a reception desk, anyone who walks in can get a glimpse at the login credentials. For a hacker, this is enough to get in to their system and do what they please.
There are ways around this issue, like a fingerprint scanner, or having a facial recognition software on the computer to make sure only the person that is assigned to that computer can unlock it. This can be expensive, like needing to buy software, accessories, or even upgrade the whole system. However, the financial benefits of having a secure computer are on a long-term basis. Skimping on security solutions and ignoring the human element can be an atrocious combination for a company. Being aware of both and knowing how to strike a balance is key to protecting from outside threats as well from unintentional internal ones.
TRA consulting not only focuses on Home Personal security, but also in SOHO (Small Office/Home Office) security. Our goal is to provide full IT support to growing small businesses who are too small to have a full time IT staff, yet big enough that they need one. We have many highly satisfied customers in the Long Beach, Orange County, San Diego, Southbay, and Los Angeles area. Contact us today, and let us take care of all of your computer security needs. Our prices are reasonable and our services are top notch. Call us today for a free consultation!