When an expert touches something, whether physically, digitally, or in some other way, it bears their fingerprints. Thereafter, any lapse in security or any disclosure can and often will be traced to the SME’s protective care. That’s why SMEs should never be careless with valuable assets.

SMEs don’t leave doors open when they should be locked, so they shouldn’t leave documents on their desk if they should be stored in a drawer and they shouldn’t cut corners when securing their computers. SMEs must keep valuable assets secure.

I once worked with a senior software architect who was also a highly trained computer security expert. He was in demand by clients and colleagues to fix their most vexing information security issues. Because of his expertise, he was granted carte blanche access to his employer’s networks.

One day a compromise was detected inside the company. After careful review, an innocuous server was found under the security expert’s desk. The server, it turns out, had been hacked by foreign actors and was being used to launch attacks on the rest of the company’s network. The team that monitored the company network knew about the server but assumed the expert had a purpose in keeping it on the network. Like a plumber who does not maintain the pipes in his own house, the expert neglected the server as it aged, and it became vulnerable. Had the server been in anyone else’s care, the company’s security team would have most certainly shut it down, but because they trusted the expert, they allowed the sloppy maintenance to persist. Remarkably, the expert kept his job, but trust was compromised.

Few things will destroy trust faster than carelessness. SMEs should never be careless, especially with valuable assets.