Find out more information about  
Fill out this form and a representative will contact you.
Captcha Image
Contact Us
The New Rules of Engagement

When we grew up, we were taught simple, basic rules for safety. Don't talk to strangers. Don't take your money out in public. Look both ways before crossing the street. Don't take candy from strangers.

In light of the continuing series of data breaches at large and otherwise successful and seemingly very secure companies, we need to be teaching younger professionals as well as ourselves a similar set of basic safety rules for corporate IT security. Just ask Beth Jacob, who used to be the head of technology at Target, until she resigned in March after a major data breach of customers' credit card numbers. Or AOL, whose subscribers suffered a massive spam surge after its internal network was penetrated. Or Heather Bearfield, National Leader of Marcum's Technology Assurance Services Practice group, who advises our clients about their potential security vulnerabilities.

Heather spends a lot of time finding and pointing out the weak links in our clients' IT systems and advising them about how to strengthen them. She says CEOs are often the biggest culprits when it comes to lax protocols because they think that they spend so much on IT that they have a false sense of security. They think their infrastructure is airtight; they don't realize that they could be a target. You might be surprised at some of the things Heather’s team has seen in supposedly secure offices – or maybe you wouldn't. Employees posting passwords on sticky notes. Employees leaving "secure" workstations with their screens still live. Clicking bad links, having laptops stolen, losing thumb drives and company phones. And so on.

The importance of data security may seem obvious, but younger employees especially may not always recognize the inherent need for following a safety protocol. The newest generation of workers grew up in an age of technology. They are the Jetsons. They take a lot of this stuff for granted. We are the Flintstones. We have to work at it.

Working online has become so ubiquitous to the way we do business that it's easy to brush off some of the simple but easy-to-avoid steps we should all be taking to reduce the vulnerability that complacency can create.

As always, our best safety net is the tried-and-true childhood advice our moms gave us.

Don't talk to strangers. People you don't know don't want to wish you a happy birthday. If you receive an email solicitation from someone you don't know or about a subject you don't know, forward it to your IT department for blacklisting if you can and delete it unopened from your inbox. Listen to your gut. If it doesn't feel right, don't click the link.

Don't take your money out in public. Are you working in a Starbucks or an airport with your company's financials up on your screen? Are you keying your password in clear sight of others? People with nefarious goals know they can find unsuspecting targets in open-access environments. Be aware of your physical surroundings and the inherent risks of working in a public place.

Look both ways before crossing. When it comes to social networking sites like Facebook, you are in the middle of a digital intersection with traffic coming from all directions. You may be offering snooping eyes a lot more information than you think. Even if your password is safeguarded, your security questions may be vulnerable to attack. If someone can look at your FB page, they can find out enough about your personal life to figure out things like your mother's maiden name, which is often the security question for bank and credit card accounts. And speaking of passwords, don't use dictionary words or names unless you also utilize numbers and special characters. Also remember that any information or photos you post can be captured and reproduced; Snapchat is forever.

Don't take candy from strangers. Business networks are plagued by phishing scams. If someone's offering you something that's too good to be true, it's too good to be true. Don't take the bait. Report it to your IT dept.

Remember: The sticky note you or your employee writes today may be the threat that shuts down your network tomorrow. Don't do it, and don't wait to make sure that no one else in your company is doing it. Make IT security a top priority now.

Heather Bearfield and Julie Gross Gelfand contributed to this posting.

Go Back

The opinions expressed in this column are solely those of Jeffrey M. Weiner and do not represent those of Marcum LLP, its partners or its employees.

Meet Jeffrey M. Weiner
View Jeffrey Weiner's Profile View Profile
Download Jeffrey Weiner's Contact Card Download vCard
Connect with Jeffrey Weiner on LinkedIn Connect with Jeffrey Weiner
Follow Jeffrey Weiner on Twitter Follow Jeffrey Weiner
Subscription Preferences
Recent Posts
Perfecting the Wheel
Forever Young
Debate and Switch
Lesson Learned
October 2016
September 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013

New York
New Jersey
Rhode Island
Grand Cayman

Get in Touch

Get Connected
Privacy | Legal | Sitemap | Secure Mail