T 3.8 Improper use of the IT system

Incorrect or improper use of an IT system can jeopardise the security of the IT system if IT security safeguards are ignored or bypassed through the misuse.

For example, security incidents can occur when access rights are granted too generously, the passwords are easy to guess, the data media containing backup copies are inadequately protected, or the terminals are not locked during temporary absences.

Similarly, data can be accidentally deleted or changed though the incorrect operation of IT systems or applications. However, confidential information could also be disclosed unintentionally, for example when the data access rights are set incorrectly.

© Federal Office for Information Security. All rights reserved.