A good reminder for employers about maintaining cybersecurity comes from a recent Washington Post article ("This is why the government keeps getting hacked" by Jeffrey Neal) about the breach at the Office of Personnel Management. Sometimes the simplest things can cause huge problems . . .
The lock on the door is irrelevant if users of a system fail to close the door. For example, agencies are mandating use of smart cards and a Personnel Identification Number (PIN). But what happens when someone cannot remember the PIN? Too often the PIN is written on a Post-it note or piece of tape on the card. All it takes is one card with a PIN written on the back to given an intruder access to a system. The problem is even worse for agencies who still have user IDs and passwords. How many people have passwords "hidden" under a desk pad, keyboard or in a drawer where, of course, no one will ever find them? And how many people are disciplined for that offense? I've never seen an employee disciplined for what is, in effect, blowing a hole in the agency's security efforts. We have to start holding everyone accountable for behavior that weakens security.
Does this sound like your workplace? I suspect it does.
Of Counsel & Chief Legal EditorRobin also conducts internal investigations and delivers training for HR professionals, managers, and employees on topics such as harassment prevention, disability accommodation, and leave management.
Robin is editor in chief ...
This is Constangy’s flagship law blog, founded in 2010 by Robin Shea, who is chief legal editor and a regular contributor. This nationally recognized blog also features posts from other Constangy attorneys in the areas of immigration, labor relations, and sports law, keeping HR professionals and employers informed about the latest legal trends.
