Employees' "low-tech" sloppiness causes high-tech problems

A good reminder for employers about maintaining cybersecurity comes from a recent Washington Post article ("This is why the government keeps getting hacked" by Jeffrey Neal) about the breach at the Office of Personnel Management. Sometimes the simplest things can cause huge problems . . .

The lock on the door is irrelevant if users of a system fail to close the door. For example, agencies are mandating use of smart cards and a Personnel Identification Number (PIN). But what happens when someone cannot remember the PIN? Too often the PIN is written on a Post-it note or piece of tape on the card. All it takes is one card with a PIN written on the back to given an intruder access to a system. The problem is even worse for agencies who still have user IDs and passwords. How many people have passwords "hidden" under a desk pad, keyboard or in a drawer where, of course, no one will ever find them? And how many people are disciplined for that offense? I've never seen an employee disciplined for what is, in effect, blowing a hole in the agency's security efforts. We have to start holding everyone accountable for behavior that weakens security.

Does this sound like your workplace? I suspect it does.

Robin Shea has 30 years' experience in employment litigation, including Title VII and the Age Discrimination in Employment Act, the Americans with Disabilities Act (including the Amendments Act). 
Continue Reading

Subscribe

Archives

Back to Page

Here we grow again! Constangy is pleased to welcome 32 experienced attorneys in a significant expansion of the firm’s Cybersecurity & Data Privacy practice. The attorneys who will be joining the Constangy Cyber Team are located across 17 cities in 12 states, and are driving the opening of new offices for Constangy in Baltimore, Indianapolis, Philadelphia, Portland, Seattle and Washington, D.C. To learn more about the Constangy Cyber Team, click here.