- 25 Sep
Time to address the Internal Security Threat
In many Hollywood movies we have seen a random external hacker: a man who solely breaks through every defense and security measures in the IT systems of his target. But could his existence be real or is it simply overlooked?
The IT industry has more to lose than any other, when it comes to intellectual assets and data. The external security is the first in line for attention and take the biggest share of the company’s’ IT budget, and is still considered as the main route of security threats. But it is the enemy within the organization that is now stimulating IT professionals to incline up their security efforts. What was, at a time, usually considered to be an exterior hack, is now supposed to have been an inside job.
The biggest IT security risk to any organization is its employee, and companies must put into place mandatory security policies that help to prevent the enticement to breach security. Researchers say that the most likely offenders and cyber attackers are the system administrators or other IT staff who have the privilege to access the system. The best protection against this sort of outbreak is to observe employees closely and be vigilant for discontented employees who might exploit their position and authority. In addition to this, it is also strongly advisable to immediately withdraw and cancel all the network access and passwords after the employees leaves the company.
Accidentally forgetting your office laptop somewhere is more than a concern. Not only the theft or loss of a laptop can cost big bucks to the company, one of the survey reveals that laptops and the holdup of exclusive information is the fourth-greatest source of financial losses for any company. Removable storage devices such as iPods, memory sticks are also danger to security risk. These portable tools allow users to sidestep defense systems such as firewalls, and allow workers to take away any private information from the company’s premises. As worse is that only about 10 percent of organizations have policies to deal with such issue.
It is always important to remember that, as an employer, the company is responsible for anything your employees do using your computer network — unless reasonable steps are taken to prevent this. A monitoring software should be installed to check email and internet traffic. Also choosing to block certain websites and applications completely is also one of the solutions.
Evidently technology is swiftly emerging, and with this high pace of advancement comes an equally high pace of security breach. Unintended employee error, information leakage, unauthorized access to information, password negligence – all these elements can mean extreme revenue loss, brand erosion, legal liabilities, and declining productivity. This has nothing to say that external threats and hackers are not a danger to businesses. But the industry should now recognize that internal threat is also a real risk, and steps should be taken to address the problem.
About the Author