Fri 17 Aug 2007
Top 5 Security Threats - its an inside job.
Posted by Digital Reach under Email Security , Data SecurityForrester Research recently reported that the majority, as high as 85 percent, of security breaches involve internal employees. These include inadvertent employee error, laptop theft, contractor unauthorized access, disgruntled employees and password mismanagement. These factors can have a drastic impact on revenue, liability, productivity and brand.
What are these threats and how can you avoid them?
Phishing
Phishing is an email that “looks” like the real thing but is far from it. It is a means to gather trust from the receiver in hopes of collecting sensitive login information, banking account numbers, credit card numbers, and a host of other personal information including phone numbers, SSN numbers and addresses.
“These days a phishing attack is almost indistinguishable from the real thing,” says Paul Stamp of Forrester Research.
Employees mistakenly disclose confidential information including passwords and financial data to the attackers. These internal employees are essentially opening a company up to criminal activity.
Laptop Theft
Leaving your laptop at the coffee shop, airport, hotel or restaurant can have greater consequences than merely being an inconvenience. The loss of a computer or data-storage device made up 54% of all identity theft-related data breaches in 2006 according to Symantec.
The theft can minimized should it occur. Companies should require employees to protect their laptops with a startup password. Also, deleting old emails, text messages and unwanted files should be put into practice. It is also a good idea to make use of the device’s built-in encryption capabilities and password protection features.
Disgruntled Ex-Employees
Research has revealed that it can take up to 4 months to remove user rights of a former employee. Many IT administrators are simply too time-strapped to actively update users access and privileges. This delay can seriously endanger the security of mission-critical applications.
Digital Reach offers solutions that automate policy enforcement and delegate administration for user provisioning. This helps maintain security levels while managing large numbers of users.
Missing Security Patches
Many IT administrators are simply too overburdened to ensure that they have the latest updates and patches in place for their systems. As a result, viruses succeed in penetrating their IT environment. If you are not up to date with the latest anti-virus detections, you are clearly at risk for some of the latest threats.
Patch management solutions from Digital Reach can greatly ease the burden on today’s administrators. These solutions automates system discovery, patch assessment, and patch installation on both workstations and servers.
Data Leakage
Joke emails, web link forwards, photos of friends and family not only hurt a companies productivity but can also serve to leak sensitive data. Data leakage is primarily the result of malicious employee activities or more common, non-malicious employee error. The most innocent of correspondences can result in trouble. Example: an email message sent to a co-worker can offend leading to legal liability.
Installing strict usage policies can prohibit employees from sending sensitive information via insecure email.
