5 Traits of a Human Firewall

5 Traits of a Human Firewall



Trait 1: Thinking Before Clicking
Phishing continues to be the top strategy in every cybercriminal’s playbook. Many attacks are generic and easy-to-spot thanks to their poor grammar or nonsensical messaging. But other phishing campaigns feature advanced techniques like email spoofing, where the attacker attempts to impersonate individuals the victim is familiar with such as a legitimate business associate, a friend, a co-worker, or a manager. A strong human firewall identifies all potential phishing attacks by thoroughly inspecting emails before taking action, by treating requests for sensitive data or moneywith skepticism, and by never assuming a message is safe just because it comes from a familiar sender.

Trait 2: Practicing Situational Awareness
Situational awareness means minding your surroundings and using common sense. When accessing a secured area, always ensure no one slips in behind you—an attack known as tailgating. Did you know a messy desk could be a security risk? By keeping an organized workspace, you lower the chances of misplacing badges, keycards, flash drives, and other important items like confidential documents. When traveling or working away from the office, always keep an eye on your belongings and use extreme caution when accessing highly sensitive information in public. Make sure no one can look over your shoulder to see your screen. Physical security is just as important as cybersecurity, and it’s made possible by practicing situational awareness.

Trait 3: Protecting Access
As a valued member of our organization, you have been granted access to various computers, networks, data, and buildings or offices. That access is considered a privilege and it’s your responsibility to protect it, both digitally and physically, at all times. Protecting digital access means never sharing login credentials with anyone for any reason, using strong unique passwords for all accounts, and knowing what type of data may be shared publicly versus data that must remain private. Protecting physical access means never allowing someone to borrow your keycard or badge, locking workstations when not in use, and shredding confidential documents when no longer needed.

Trait 4: Reporting Incidents Immediately
Preventing security incidents represents the human firewall’s most important role. Properly responding to incidents when they occur comes in as a close second. The term “incident” can refer to any situation that threatens our organization’s security. A door left open; an unknown individual hanging around; a phishing email; a suspicious package—these all represent examples of potential incidents that must be reported immediately. Timely reporting allows organizations to investigate what happened, warn other employees, and take prompt action to mitigate damages.

Trait 5: Always Following Policy
Policies exist to ensure that everyone does their best to protect the security and privacy of employees, clients, partners, and business associates. Circumventing policies, whether intentionally or unintentionally, puts our entire organization at risk. And while we require that you know and follow our policies at all times, we also encourage you to ask questions when you’re unsure of something. Strong human firewalls never make assumptions and they ask for help whenever they need more information.

*5 Traits of a Human Firewall is attached for your available download.*
    • Related Articles

    • Webinar: Session 3 MISC Security Tips

      Feel free to download the PowerPoint that was used for this presentation (above). Unfortunately, we ran into technical issues and were not able to capture the live session, but this PowerPoint is fairly self-explanatory. If you have any questions on ...
    • How to Run a Password Security Check in Chrome

      It seems like every other day you hear in the news that a store, bank, or institution was hacked, and passwords were compromised. That’s why its important to run a password security check from time to time to determine if you have any passwords that ...
    • Tech Bytes: Password Manager

      Let’s talk Password Managers and why you should use one.
    • How Would I Hack You?

      Almost all of us have personal information floating around on the web right now, right? But not everyone knows that something as simple as listing an alma mater on LinkedIn can be used to hack someone—and the business they work for. Rachel Tobac will ...
    • Phishing Attempt 4/20/2020

      Did you know the hackers are taking advantage of the fact that everyone is a little out of sorts thanks to Covid-19? They are using this as an opportunity to catch us with our guard down.