Friday, September 11, 2009

PCI Security Awareness

The HR manager in my office walked around today handing out a postcard-sized memo regarding office security. Because of today's history, I've decided to share this valuable information with you. Below you will see a photograph of the memo and I will also provide a transcript.



The Importance of Maintaining a Clear Desk or Workspace
Maintaining a clear desk or workspace is important to help ensure sensitive information is not physically exposed when you are at your desk, when you leave your desk unattended during the day, or when you leave at night.

-Lock sensitive documents in a drawer or cabinet when not being used.
-Ensure all paper based information is securely disposed of (i.e. shredded).
-Do not write down passwords and display them for others to view.
-Always lock your computer when leaving your desk (Ctrl+Alt+Del then enter).
-Lock removable storage media away when not in use.
-Physically secure laptops to something immovable with a cable lock.
-Encrypt all sensitive information stored on laptops or removable storage media.
-Remove all information from meeting rooms when you leave.
-Collect documents from the printer as soon as they are printed.
-Always take valuables with you when you leave, or lock them away.

Or to summarize it up in eight words: Don't leave out shit you don't want stolen.

Take that you terrorist sons of bitches! USA! USA! USA!

2 comments:

Anonymous said...

That's so lame. The idea of leaving cards on desks is fine but the actual message is dull as dishwater. Even your blog entry is better (not much of an accolade that though).

This is an excellent demonstration of why infosec pros should not try to do awareness.

Jon said...

Ummm.... thanks?