Protecting confidential client information
(legal, accounting, medical, etc)

Professionals have a legal and ethical obligation to preserve the privacy of their clients.  Unfortunately not everyone understands the technology related to electronic data.

Disposing of unwanted office computers

When you get rid of the old computers ensure that no information is left on the hard drives. Simply "deleting files" will not prevent someone from recovering that information. Reformatting a hard drive does not delete its data.  Using data distruction software, or physically destroying the computer's hard drive is the only way to ensure data confidentiality

Throwing out old cell phones with the SIM card still inside

When you upgrade a cell phone, remove the SIM (Subscriber Identification Module) card.  Information such as phone numbers, names and company data may still be stored on the SIM.

Staff using portable storage devices

Handy as they are anything that stores data, including iPods and Blackberrys can create privacy risks. Staff unknowingly transfer computer viruses and worms from their home PC (or Mac) to their PCs at work.

Internal wireless networks

Wireless devices use radio waves to transmit data.  This data can be picked up by anyone with the means to recieve it.  Ensure that all internal networks are WPA password protected to protect your wireless data.  Do not use unprotected networks to access sensative or otherwise confidential data.

Staff accessing personal web based email and aps at work

Internet access is often provided to staff through a neutral area on your network often called the “DMZ” (demilitarized zone). When employees access email or aps through third party websites, this can create a dangerous “back door” through your company’s security firewall so that hackers can potentially exploit your network.