Talking technology – can you risk it?

Consider your actions and behaviour when using technology

Some of you have so much power at your fingertips that you could wreak havoc with just a few mouse clicks. Get the wording wrong in an e-mail and you can expose your employer to sex discrimination claims. Visit the wrong file-sharing site and you can open the door to unwanted intruders. Download a large film clip and you can slow down the network for every employee. Mislay your PDA or laptop and you can damage the reputation of your employer and your career prospects.

Technology can expose both individuals and organisations to all manner of risk, creating challenges for finance students and their employers, but you can help to minimise the potential for damage by considering the implications of your actions and modifying your behaviour.

Information and communications systems make it easier for fraudsters to collect the data they need to hack into corporate systems, or to impersonate a business or one of its directors or employees. So never reveal confidential or sensitive information in a blog or an e-mail, don’t post personal details on social networking sites such as Facebook and MySpace, and be aware of the risks posed by social engineers – who may try to use telephone calls or personal encounters to extract information.

Because devices such as iPods, laptops, BlackBerrys, digital cameras, and USB memory sticks are now almost ubiquitous, protecting your personal devices and the data they contain can be as important as protecting the devices and data belonging to your employers and business contacts. Doing so may take a little time and effort, but the possible repercussions if you don’t should motivate you to take advantage of the built-in security features on any digital device you use.

Check if the firewall is enabled on your laptop, mix letters and numbers in a complex ‘non-dictionary’ pass phrase (instead of a password), and use the security lock and PIN number on your mobile phone. If you know the phone’s serial number then your service provider can use it to remotely disable the device, if necessary. (Type *#06# into your mobile phone and the number should be displayed.)

Wireless breaches are almost as commonplace as lost mobiles, but they can be a lot more costly in terms of lost data and legal liability as well as damaging the reputations of those involved. So if you are using a wi-fi network, turn on the firewall and Wi-Fi Protected Access (WPA) that generally comes as standard (WPA is more secure than Wireless Equivalent Protocol, or WEP). Use a non-dictionary pass phrase – the longer the better – and if you log on to a wireless network in a public place, such as a cafe or airport, be aware that appearances can be deceptive.

‘Evil twin’ attacks, where a rogue connection eavesdrops on wireless communications by masquerading as a legitimate wi-fi network, are a growing problem. If you are using a corporate laptop, your IT department may well have security in place to prevent this, but your personal machine could be at risk, so you might want to explore the protection offered by e-mail encryption and software programs such as Pretty Good Privacy (www.pgpi.org) and DESlock (www.deslock.com).

Last, but not least, find out about your employer’s internet use policy, content management guidelines, and mobile security procedures, then follow them. And if you don’t think they look up-to-date, tell them, because technology is an area where your failures and those of your employers are increasingly co-dependent.

 

"Wireless breaches are almost as commonplace as lost mobiles, but they can be a lot more costly in terms of lost data and legal liability as well as damaging the reputations of those involved"