Why Hack When Your People Give It Away For Free

Posted on by

Why Hack

When I was working as a supervisor at a marketing company, our HR department had me help with workplace sensitivity and sexual harassment training. As I went through the materials, I was surprised to see that most of the things that constitute harassment were commonplace in our work environment.

That’s not to say that everyone in the company was an insensitive letch; quite the opposite actually, but there were behaviors in place that were generally accepted that could easily lead to something more detrimental. When we conducted the training, it was evident that most of our people were unaware that their words and behavior could lead to hurt feelings, law suits, and termination. To be honest, the staff simply didn’t know.

The same can be said of security awareness training in the workplace, more particularly with regards to technology and intellectual property. As I review my career and the companies I have served, I remember unsecured networks in at least two places, where I was able to read files from just about every computer profile in the company, all from the comfort of my own cubicle.

Likewise, I had my files browsed at one place and found out later that sensitive contents had been accessed. With the advent of social networks and blogging, access to confidential information can be even more readily obtained through methods that would be considered low-tech. Why steal a password or raid a competitor’s network when a would-be spy can get the information from an unsuspecting employee, found through a social network.

I was involved in one case while being recruited by a marketing company. The principles in the company were doing a lot to garner my participation, including free lunches, special meetings, and free products. In the process, I “friended” their director of customer service and public relations through a well-known social network. This person regularly posted complaints about the company, her coworkers, and frustration with projects on her status updates, often from her desk at work. Her behavior wasn’t unusual in corporate America; everyone complains about their job, but her ignorance of proper security awareness had that information accessible to anyone in her world-wide social network. I was working for a rival company at the time, and some of that information made it into my employer’s hands.

Security awareness training is an essential part of the workplace in the 21st century. Protect your image and your confidentiality by making sure your employees are properly trained.

Share
Did you like this post? Subscribe to our feed and stay connected!
Recent Related Posts

Ping This Post:
http://www.e-hacking.com/articles/why-hack-when-your-people-give-it-away-for-free/trackback/

Leave a Reply

Your email address will not be published. Required fields are marked *

*

* Copy this password:

* Type or paste password here:

1,045 Spam Comments Blocked so far by Spam Free Wordpress