Human and physical factors in information security

Human factors

In all honesty, around 80 % of all information-security problems are caused by users, and only a small percentage by physical factors in software or hardware. So stop for a moment and consider whether you recognize yourself in the following ways of thinking.

  • “No one ever broke into my computer, so why should I protect it?”
  • “Who would be interested in my files, anyway?”
  • “That file probably doesn’t contain a virus.”
  • “I don’t feel like making backup copies of my files right now.”
  • ”Well, I can’t be bothered to lock my workstation at the computer station while I go to the bathroom”

Further, consider what the user is doing wrong if he…

  • forgets to log off a computer before leaving it.
  • stores his password on a piece of paper e.g. under his keyboard.
  • selects a simple password that is easy to remember for web services.
  • gives his password to someone else to use.
  • copies software off unknown web sites.
  • leaves his print-outs lying near the printer.
  • forgets his USB stick in the USB port of a public computer.
  • stores his password on his phone.
  • neglects to make a back-up copy of an important file.

Physical factors

In addition to the users, different physical factors threaten the safety of the computer and its storage units, CDs and DVDs, USB sticks and other hardware. Many of the physical factors are as dangerous as the human ones; a fault in a storage device, for example, can cause problems with reading the file or, in the worst case, can destroy the whole file.

The following list contains practices that can improve the safety with respect to physical threats:

  • dampness, heat, dust: store CDs, DVDs and other storage devices in a dry, dustless place and do not expose them to heat. Make sure that the ventilation holes in your computer are not covered by e.g. stacks of papers or books on your desk. Dust the computer, mouse and keyboard regularly.
  • shaking: protect your laptop computer from shaking, and do not move the laptop while writing to e.g. a DVD. Do not store hardware on the floor, where it will gather dust and make cleaning harder.
  • theft: do not leave your laptop lying around, e.g. on a desk in a reading hall. Be VERY careful with what information you store on your computer and how it is protected.
  • fires and other catastrophes: do not store the back-up copies of vital files in the same building as the original files.