Security Mistakes from the Field
Killian: Hey, everyone. Welcome to another episode of Tech Riffs. My name’s Killian, and I’m a systems engineer here at Worksighted. Today I have a very special guest with me. His name is Cody, and he’s a field engineer out of our West Michigan office. Cody, thanks for joining me today.
Cody: Yeah, thanks for having me.
Killian: So one of the things I wanted to talk to you about today was security. We just ran our West Michigan IT report, and we found that 35% of the businesses that we talked to said security was among their top three concerns for their organization, especially related to IT security. You’ve been doing this field engineer thing for quite a while now. What are some things, we’ll say over the past year that you’ve seen in the field?
Cody: Yeah. Well, I’ve definitely noticed a few things common between all industries that I work with. That would be password management, falling for phishing emails, and then it’s physical security of your devices.
Killian: Okay, yeah. That list covers a lot of different things. The first thing you said was password management. What do you mean by that?
Cody: Yeah, the covers a couple different things, the first one having too simple of a password, “password1” or something like that. It’s very easy for hackers or anybody else to guess it, so you want to have something more complex that somebody can’t guess. The other thing would be avoiding having your password somewhere obvious, sticky noting it to your laptop or underneath your keyboard. We like to think within the business you can trust everybody, but it just protects you that it somebody does have malicious intent, your password isn’t sitting there open for other people to use and pin your name on something.
Killian: Right, because if you had your password out in the open and I wanted to do something wrong or something to hurt the company and I guessed your password, everything that I did, my digital fingerprints so to speak would all be yours. They would be in Cody’s name.
Killian: We want to make sure we keep honest people honest definitely for sure. Okay. The next thing you said was phishing emails. Why don’t you talk a little bit about that?
Cody: Yeah, we’ve seen an increase in that over the last year or so. A lot of that being people getting emails from Microsoft, or even internal within the company, but they’re fake emails and they’re clicking on these links getting their computer infected or the entire company infected, which is not what you want. The other thing that we’ve been seeing an increase of is phone calls, so people claiming to be from Microsoft or another company saying that you have a virus or something wrong with your computer and trying to gain access to your computer. The only one that should be remoting in to your computer is your IT department.
Killian: Yeah, absolutely, and if you don’t know who you’re talking to on the other end of the line, definitely the best stance to take is to be suspicious. This one is such a big deal that we actually did a Tech Riffs recently, you can click the link below to go to that video on how to spot a fake phishing email and kind of some steps you can take to protect yourself. The third thing was physical security. What do you mean by that?
Cody: Yeah. That would be a couple different things. One would be just always locking your computer. When you walk away for a couple minutes to get a coffee, go to the restroom, whatever it is, just get in the habit, always lock your computer, and this carries over to then when you take your laptop on the road, a coffee shop, working from hotels, whatever the case may be. You’re just in the habit. You’re always locking it. The other would be your phone. People don’t think about it, but there’s a lot of personal information and company information through emails coming into your phone, so it’s good to have a password there and always keep that locked when you’re not holding on to it.
Killian: Yeah, that’s a great point. The thing I like about most the stuff on that list is that the users have so much control over everything on that. Being careful of your passwords, watching out for the phishing emails, and just making sure that you lock your stuff when you walk away, that’s all stuff that you have direct control over, which I think is really, really great. Well, thanks for coming on the show.
Cody: Thank you.
Killian: Really great to have you. That’s a wrap for us, which means it’s time for my shameless plug.