Threats on the Top Internal Security
Employee error, laptop theft, contractors’ unauthorized access to information, disgruntled employees, and password mismanagement – all of these factors can mean drastic revenue loss, legal liabilities, diminished productivity and brand erosion.
The following are the top Internal Security Treats to find out:
1. Your Employees Are Selling You Out –Part 1
An e-mail spoofing fraud attempt that targets a specific organization also known as Spear phishing to gain unauthorized access to such confidential data..
The result: thus, employees could retrieve all company private files and worpress.
The remedy: Phishing-fighting strategies include implementing anti-phishing toolbars that display a website’s real domain name, as well as maintaining a roster of well-known phishing sites for employee reference. But companies should forget about training IT personnel and staging corporate awareness campaigns, says Alan Paller, director of research at The SANS Institute. Rather, he suggests running “benign spear phishing exercises against your own employees….There’s no other way to solve it.”
2. Laptops on the Loose
Accidentally, you forgot your laptop at a hotel’s cleaning staff would create a big impact. According to software security firm Symantec, the theft or loss of a computer or other data-storage medium made up 54 percent of all identity theft-related data breaches in the second half of 2006.
Laptops aren’t the only security risk. Boasting unprecedented disk storage capabilities, portable devices such as iPods, the BlackBerry and flash memory sticks also present dangers. Not only do these pocket-sized tools allow users to bypass perimeter defenses such as firewalls, but they also allow workers to remove proprietary information from a company’s premises. What’s worse, Gartner estimates that only about 10 percent of enterprises have any policies dealing with removable storage devices.
The remedy: Companies should require employees to protect their laptops with a startup password so that if they are stolen, at least the data is unusable.
3. Unintentional Access and Disgruntled Ex-Employees
An advantage of working for a company is the access one gets to multiple computer systems, from e-mail messaging to HR payroll. And this makes all company systems be in danger due to it’s divulged password securities. Thus, making it visible to everyone. That administrator has a tendency of not being able to update the data.
The remedy: Administrators should update data securities to maintain its confidentiality and prevent access to an unauthorized user.
4. Missing Security Patches
Its Unfortunate those Vendors aren’t always quick to produce the necessary protection in the face of a newfound security hole. In fact, Symantec reports that in the second half of 2006, all the operating system vendors that were studied had longer average patch development times than in the first half of the year.
The remedy: Patch management software and services can greatly ease the burden on today’s administrators. Ecora’s Patch Manager automates system discovery, patch assessment and patch installation on workstations and servers
5. Your Employees are Selling You Out, Part 2
Some joke emails you received may not be so funny. It is very common now receiving this kind of threats. That cause data leakage stemming from outbound e-mail is among the primary concerns. According to the Ponemon Institute, 69 percent of organizations reported serious data leaks caused by either malicious employee activities or non-malicious employee error.
The remedy: Strict usage policies can prohibit employees from
