Workplace Safety Programs Should Also Include Our Computers

[IMAGE CREDIT: Flickr user telepacificcommunications]Because many workplaces have their computers connected on a network, malware, hacks and viruses are real digital security threats to various pieces of information.

However, perhaps the most noteworthy piece of machinery nowadays is the computer – either a desktop, laptop or portable device like a tablet or smartphone. And with many companies, the computers or the general office network might have some basic security protections to keep computers and servers from crashing, but do you know if your network undergoes any regular maintenance? Are your computers regularly maintained and scanned for the latest malware, worms and viruses? Do you have the very best and most-updated security measures?

Cyberattacks have become more common in the headlines in recent years. Most of the noteworthy headlines in this area have to do with national secrets, some of which being culled by foreign governments. But perhaps the biggest threat for the general public has come in the form of identity theft. We have all read about reports of hackers gaining access to thousands of individuals’ personal information. Some people will take that information and use it for ill, stealing your name, Social Security or drivers’ license number to create an alternative identity and leave you holding the bag for whatever damage those criminals produce.

Perhaps the most noteworthy and notorious  cyberattack weapon is a worm called Stuxnet, which was designed by technicians in the U.S. and Israeli armies to hamper the development of Iran’s nuclear program. While the worm was effective in slowing the rogue regime’s pursuit of nuclear energy, Stuxnet has worked its way around the world and has now been affecting some of our own networks. Before he left, U.S. Defense Secretary Leon Panetta last year warned of a digital “Pearl Harbor” in which those who mean to do harm to the U.S. may very well disable transportation systems, power systems and disrupt water supplies simply by launching a cyberattack against large U.S. computer networks. And the cost of these types of losses can be enormous. As an example, a government worker in Canada lost a hard drive that contained personal information of nearly 600,000 people. And it cost $600 million (about $1,000 per victim) for the government to inform those people by letter of the security breach and undergo all of the steps and security measures to protect those victims from any compromises of their private information. This amount did not include the cost of any class-action lawsuits brought by the victims over this case.

While you may not have access to 600,000 customers and their personal information, this particular case can at least illustrate the potential cost of doing nothing about cybersecurity and leaving your company vulnerable to identity theft or a malicious cyberattack. In that vein, if your company relies heavily on computers and computer networks, then it would make sense to have your regular workplace health and safety program include a cybersecurity protocol for all of your computer devices. This program can include rules addressing the use of computers at home, determining the types of personal or company information that requires special protections, the construction of firewalls and policies involving the use of devices or portable disks (like USB thumb drives or external hard drives) that are not part of the company’s network and the approval process for use of such devices.

If you would like more information about the steps to take to build a cybersecurity policy as part of your workplace health and safety program, contact us at Purcell Enterprises and we will be happy to coach or consult you on some of the best practices to help protect your important network and your computers.