Pratum Blog

One of the most overlooked information security practices is the shredding of handwritten notes.  Part of our ethical hacking engagements, also known as penetration testing, is trying to discover information about the organization or system through its users. This practice of social engineering is a core component to an ethical hacking exercise.

Many organizations have trained their employees to shred PHI, PII, PCI and other P – whatever-I that gets printed out.  What we find though is that many organizations have tons of valuable information that is handwritten but never destroyed.  During social engineering tests, these handwritten notes can often be found in various trash or recycling bins.

These handwritten notes often contain small amounts of very sensitive information such as security codes, combinations, account numbers or other information that could aid in creating a successful technology attack.

To ensure information security and protect against these social engineering efforts, remind your users that handwritten notes are no different that printed pages and the best thing that can be done to thwart a hacking incident is to shred those notes.

October is National Cyber Security Awareness Month.  We at Pratum partner with the National Cyber Security Alliance to help promote information security awareness both at work and at home.  Take a minute to check out the Stop. Think. Connect campaign and the Stay Safe Online campaigns put together by NSCA.

http://www.stopthinkconnect.org/

http://www.staysafeonline.org/

Do your part in keeping our children safe online.  Teach them how to protect their identity and data by using smart tips that kids as young as 5 can learn.  Cyber security education works best when parents help their children learn about cyber security.  There are multitudes of resources available.  If you need help, just contact us and we’ll provide free resources you can use to help teach your child about safe online habits.

The Des Moines Chapter of the Information Systems Security Association (ISSA) hosted the 3rd Annual Secure Iowa Conference on Tuesday, October 7th.  There were more than a hundred information security, risk management, audit and compliance professionals on hand for the event.  It continues to grow each year.  As the chapter president, I’m proud to say our chapter is helping to build a strong and vibrant information security community in Iowa with this conference.  Pratum is a proud sponsor of this event each year and we believe it is an important step to helping Iowa become a leader in providing a quality information security workforce.

The ISSA chapter started this conference in order to provide much needed networking and educational opportunities to information security professionals across the state of Iowa.  While Pratum has sponsored this event each year, there are many others such as Varonis, Rapid7, OneNeck, Lightedge, Palo Alto Networks, Torus Technologies, Shazam, Fishnet Security and Alliance Technologies whose sponsorships made this year’s event a success.  Many thanks to all involved and we’re already looking to reaching great heights in 2015!

The information we track while users are on our websites helps us analyze site traffic, optimize site performance, improve our services, and identify new products and services of interest to our users. To learn more please see our Privacy Policy.