Are You Your IT Department's Worst Nightmare?Jefferson Wells Calls Attention to Top 10 Employee Behaviors That Put Companies at Risk BROOKFIELD, Wis adv. 1. Certainly; really; indeed. v. t. 1. To think; to suppose; to imagine; - used chiefly in the first person sing. present tense, I wis. See the Note under Ywis. . -- Do you abide by your company's IT policy faithfully or are you your IT department's worst nightmare? If you are like most employees, you fall somewhere between these extremes, but still could unintentionally be putting yourself and your company at risk. Jefferson Wells, a global provider of professional services (job) professional services - A department of a supplier providing consultancy and programming manpower for the supplier's products. including technology risk management, researched the top 10 activities that keep IT managers up at night and developed a process to rank the best and worst offenders. "Most companies only have a small handful of employees who go out of their way to find new, creative ways to get around IT policies," said Karl Kispert, solutions director of technology risk management for Jefferson Wells. "Sometimes the bigger problem can be employees who unintentionally break policies without thinking about the consequence of their actions. For example, they may think it is good to take their laptop home to do extra work, but if it is stolen without being properly encrypted en·crypt tr.v. en·crypt·ed, en·crypt·ing, en·crypts 1. To put into code or cipher. 2. Computer Science , valuable company information could fall into the wrong hands." After an in-depth analysis of what is keeping IT managers up at night, and having performed more than 500 technology risk assessments for its clients, Jefferson Wells developed the following quiz. Based on the number of "Yes" answers, employees can see where they rank in the scale of IT risk. ARE YOU YOUR IT DEPARTMENT'S WORST NIGHTMARE? 1. Do you take your laptop out of the office even though it's not encrypted? 2. Do you take sensitive company information home on a flash drive? 3. Do you use your work e-mail address See Internet address. e-mail address - electronic mail address on blogging and social networking sites A Web site that provides a virtual community for people interested in a particular subject or just to "hang out" together. Members create their own online "profile" with biographical data, pictures, likes, dislikes and any other information they choose to post. ? 4. Do you access your personal e-mail on your work smart phone or PDA (Personal Digital Assistant) A handheld computer for managing contacts, appointments and tasks. It typically includes a name and address database, calendar, to-do list and note taker, which are the functions in a personal information manager (see PIM). ? 5. Do you plug in unapproved un·ap·proved adj. Not approved or sanctioned: an unapproved vaccine; an unapproved protest march. wireless equipment to your work network? 6. Do you install rogue Rogue, river, c.200 mi (320 km) long, rising in SW Oreg., in the Cascade Range N of Crater Lake. It flows southwest and west through a fertile valley (noted for its orchard fruits) and then across the Coast Range to the Pacific Ocean at Gold Beach. applications to your work computer? 7. Do you have your passwords taped on your computer or monitor? 8. Do you open e-mail from unknown recipients? 9. Do you forward e-mail with off-color jokes or images to co-workers? 10. Do you continuously e-mail large data files that could bog down bog down Verb [bogging, bogged] to impede physically or mentally Verb 1. bog down - get stuck while doing something; "She bogged down many times while she wrote her dissertation" bog your company's bandwidth? IT Risk Level: Based on the number of "Yes" responses, you could be putting yourself and your company at risk. * 0: You are an IT manager's dream come true. Your IT department thanks you for your compliance. * 1 to 3: You are most likely an unintentional violator. It's a good idea to review your company's IT policy to make sure you are staying within its limits. * 4 to 7: You are a frequent violator. Consider meeting with your IT department or compliance officer to see if you can accomplish your goals without increasing the company's vulnerability and exposure. * 8 to 10: You are a chronic violator and your IT department probably has you on speed dial. Set up an appointment with them immediately to address these issues. Companies often spend thousands of dollars to build high-tech secure environments to protect proprietary information from outside hackers, yet many neglect to monitor the information that walks out their doors every night with their employees. Laptops, flash drives and smartphones all increase a company's vulnerability to fraud. But Kispert says if IT managers have acceptable use policies in place, a proactive awareness program, and if they conduct regular technology risk assessments, they could sleep more soundly at night. There are also a few things employees can do to help lower a company's vulnerability to fraud. Jefferson Wells offers the following tips for employees: * Encrypt See encryption. your data: If you work with sensitive information that you do not want to fall into the hands of your competitors, make sure you either encrypt or remove those files from your laptop or flash drive before you take them out of the office. * Get a personal e-mail account e-mail account n → cuenta de correo : Use your Yahoo or Hotmail e-mail account when accessing social networking sites. * Protect your password: Create a complex password that incorporates upper and lowercase letters lowercase letter n. A letter written or printed in a size smaller than and often in a form differing from its corresponding capital letter. [From their storage in the lower of two trays used by compositors.] and numbers, and commit it to memory. * Think before you click: Be careful about opening e-mail from unknown sources and always think twice before forwarding potentially offensive content to coworkers, viruses give everyone a headache. As technology continues to advance, company policies governing its use continue to become increasingly strict. Companies struggle in the tug-of-war between giving employees the freedom they need to do their jobs and the restrictive policies that will help protect the company from fraud and theft. Kispert says that increasing awareness of risky IT behavior should help employees and IT departments work together to create stronger companies with lower IT vulnerabilities. About Jefferson Wells Jefferson Wells is a global provider of professional services in the areas of risk, controls, compliance and financial process improvement. The firm specializes in internal audit, technology risk management, tax, and accounting and finance. The firm serves clients including Fortune 500 and Global 1000 companies, through highly experienced, salaried professionals working from more than 50 offices worldwide. Jefferson Wells is an independently operating, wholly owned subsidiary Wholly Owned Subsidiary A subsidiary whose parent company owns 100% of its common stock. Notes: In other words, the parent company owns the company outright and there are no minority owners. of Manpower Inc. (NYSE NYSE See: New York Stock Exchange : MAN). www.jeffersonwells.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion