Piggybacking – Its not just for Kids!
To kids, piggybacking is when someone jumps on your back and you carry them around for a while. In the business world, piggybacking is when you let someone that you do not know enter a door that you just opened.
This can be a physical door or a virtual one.
A lot of organizations rely on biometrics, key cards, or even regular keys to open locked doors. These could be doors to get into the building, parking garage, a particular office. Piggybacking is when someone you do not know, waits for you to open a locked door or to enter a password, and enters behind you.
Many people allow this to happen when at a physical door because they want to be nice and courteous and open doors for people, you may even hold the door open for them. While this may be a nice gesture in public places, at the workplace, this could end up costing you. With your computers and devices, they can be sat on your device or system for up to 209 days, waiting for you to enter a password or to give them an entry point to your most valuable data. The bad guys, just like they would try and trick you with a fake email, are targeting your good nature, to gain access into a secured building.
If someone you do not know, is trying to enter the door behind you there are a couple of things you can do to still be courteous and follow the rules.
- Ask them where they are going and who they are there to see, then escort them to the office of the person they are going to see and verify that they are supposed to be there.
- Kindly decline to let them in and explain that your organization has a strict no-piggybacking rule.
Once the bad guys have access to your offices, they can plug into any internet outlets, or sit down at an open and unlocked workstation, or place infected USB keys around the hallways and bathrooms. Remember, when it comes to piggybacking, kindly decline or insist on escorting them to the person they are there to see.
When looking to protect your computers and devices, following Cyber Essentials and Cyber Essentials Plus is a great start. Some of the key points are:
- Turn off Autoplay – stops a USB drive is plugged in and instantly uploading ransomware, viruses, or unwanted programs
- Set your password to renew every 90 days, but ideally 30 days
- Make sure your firewall is set up.
- Have a good antivirus
- Keep your OS up to date
- Get a good Anti-Malware
Adding to this, do you have a backup in place? Can you recover? By implementing a backup solution, you can quickly go back to files at certain times and versions, giving you the ability to return to a point in time.
Have you changed the standard user name and password on your router? What about the set SSID and WIFI Password? These are standard settings and available online, by changing this it can make it harder for a bad guy to get in.
For More information on preventing piggybacking, contact us today.