What's wrong here?

 What'sWrong

The City’s Information Technology Department wants to get you thinking about IT-security issues with a game called “What’s wrong here?” See if you can identify 10 issues in the image above that could change to create a safer environment.

1. Sticky notes on the monitor display passwords.

StickyNotes

Even though it’s tempting to write passwords down, it’s never a good idea to put them in an obvious location such as under your keyboard, much less stuck to the screen. If you have trouble remembering all of your passwords, write them down and store them in a locked drawer or on your person (never including your user name, of course). Better yet, use a password manager, which is like an encrypted vault for your passwords that you can access online from your computer or smartphone. Never allow anyone to use your credentials to gain access to a protected information system. That is a violation of the City’s Electronic Communications Policy.

2. Smartphone left unattended and unlocked on the desk.  

  Phone

Smartphones contain personal and professional information such as contacts, email, notes, voicemail, texts and photos. That data could be used to steal your identity. Protect your smartphone with a passcode and set the auto-lock for when it’s not in use. And consider using a “find my phone” app in case of theft. If your City-provided phone is lost or stolen, contact the IT Service Desk as soon as possible by email or at 612-673-2525.

3. Computer is unlocked and unattended.

MonitorOn

Anyone passing by could dig through this employee’s electronic files, copying or deleting as they go. You can quickly lock your computer by holding down the “windows” key and pressing the letter “L” (as in “lock”). Always lock your computer when it’s unattended.

4. Outlook email left open.   

Outlook

Anyone could come by and read this employee’s work email messages or send messages from the account. Always log out of Outlook when it’s not in use or lock your computer when it’s unattended.

5. Personal email left open.

Gmail

The same goes for this employee’s personal email account; anyone could come by and read the employee’s personal email messages or send messages from the account. Someone could even set the personal email account to automatically forward all mail to a different account. Always log out of your personal email account or close the browser when it’s not in use, or lock your computer when it’s unattended.

6. Thumb drive left on the desk.

USB

Imagine the kind of data thumb drives contain. How about spreadsheets full of City data? Or personal financial documents destined for the IRS? If you’re not actively using them, place thumb drives in a drawer and lock them up.

7. Security badge left on the desk.

  Badge

Security badges allow for unescorted access to various areas and are meant to confirm a person’s identity. Please don’t allow someone to steal yours; it could be counterfeited or used to give the wrong person access. Keep your badge on you or in a secure location.

8. Keys left on the desk.

Keys

It is remarkably easy to figure out what car these keys go to, and the other keys on the employee’s key chain could open the server room, desk, file cabinets or some other restricted space. Never leave your keys unattended.

9. Papers strewn across the desk. 

Papers

Many people pass through City workspaces each day. Piles of papers not only look messy, they could be sharing information you don’t really mean to share. Keep your papers off your desktop; file them away or put them in your desk drawers.

10. Recycle bin contains documents that should be shredded.

Recycle

Not all paper should be recycled as is; some should be shredded first. If you’re at all concerned about someone reading your discarded documents, shred them. 

How well did you do? Hopefully these 10 points opened your eyes. Maybe you’ll see more security gaps that weren’t covered in the game. If you think of more gaps that you want to share, please email IT Security Analyst Roger Hagedorn or call him at 673-3182.

Published Feb 8, 2017

QUICK LINKS

Home

Contact us

Email updates

Find a service

About this site

For employees

Accessibility:
For reasonable accommodations or alternative formats, contact 311.
People who are deaf or hard of hearing can use a relay service to call 311 at 612-673-3000.
TTY users can call 612-673-2157 or 612-673-2626.

Para asistencia 612-673-2700, Yog xav tau kev pab, hu 612-637-2800, Hadii aad Caawimaad u baahantahay 612-673-3500. 

CONNECT

311 call center

TTY relay service

 

facebook25x25 twitter25x25 youtube25x25 Minneapolis311icon logo tv 14 footer icon image linkedin_32x32




mpls-logo-white120