Mistake 9: Leaving an open door
We all know it’s a bad idea to leave a door to our home open. But are we that careful at the workplace?
In addition to controlling access to your organization’s front door, you also need to control access very strictly into the data center, the wiring closet, and the computer room. Many organizations are careful about locking the doors to accounting and HR office to protect their private and financial information. The same should be done for their IT environment. Leaving the keys to the kingdom for anyone to access could cause accidental or intentional disruption. Someone could gain access to information he or she shouldn’t have, or plant malware in your data center, if it’s left unchecked.
It’s important to control access, and then monitor that access with a log book. That way if there is a problem down the line, you’ll have a better idea of when it happened and who had access at that time.
Don’t allow employees to prop open doors that are secured, and make sure that if you give someone temporary access – a vendor, or a summer employee – that the access is revoked when they no longer need it.
The same principle applies to directories, file sets, and applications. Employees should only have access to those applications they need to do their job.
Dennis Webb, IT Security lead for CAS Severn, will discuss this in more detail at our webinar, Top 10 Security Mistakes (And How to Fix Them) on July 22.