Please be aware of a recent security incident at a BW office that calls for heightened vigilance going forward.
- A couple of weeks ago, an unknown individual arrived at our Design Group Atlanta West office and presented a printed work order bearing the name of a former BW team member.
- The individual requested access to the office's IT network closet to conduct a network site survey.
- The on-site team handled the situation exactly right: They denied entry, documented the work order and immediately reported the incident to IT to verify whether a service call had been placed for their location.
- Upon investigation, BW's networking team confirmed that no such work order had been issued by BW. This was quite suspicious.
Please note that this visit could have merely been a clerical or administrative error rather than a malicious act. Nonetheless, this is a good time to remind all team members of the following safety and security protocols:
- Do not allow outside workers to perform work on your premises without advance notice.
- Even if they have a work order or they claim to have been sent by IT, never grant a third party access to your IT network closet, server room or any network infrastructure without first verifying the access request directly with your IT service desk.
- Never allow anyone access to your PC unless it’s the BW service desk responding to a ticket you submitted.
- If you receive such a request, deny entry pending verification, document the incident (photograph the work order if one is presented) and report it to your service desk immediately.
Physical security of our network infrastructure is a critical part of our overall cybersecurity posture. Please share this message with the appropriate members of your team and ensure everyone who manages site access is aware.
If you have any questions or concerns, or if you become aware of a similar incident in one of your locations, please report this to your IT service desk.
