While it is often suggested that the biggest data security threat for an organisation is that of the nerdy, stereotypical computer hacker type maliciously breaking in to a secure network to upload nasty viruses or perform the crime of the century, this is really not the case at all. The biggest threats and concerns to an organisation’s data security, in most circumstances, arise from a variety of internal sources.
As an organisation’s operational boundaries continue to grow with increased adoption rates of mobile, handheld and wireless technology, the threats to data security from internal sources also increases as these devices move in and out the door without proper mechanisms for monitoring and control. These internal sources may include employees, partners, dealers and a Cadbury’s assortment of other users which may have either authorised or unauthorised access to an organisations network and data storage.
Failure to recognise, address and manage these threats may not only risk data and information itself – the most valuable asset an organisation has, but also leave the company wide open to the possibility of litigation, bad publicity, reduced productivity, financial loss and damage to brand, reputation and goodwill that cannot be easily recovered from.
This article discusses ten potential areas for internal data security breaches which should be given priority and thought.
1. Portable Storage Devices
Portable devices such as solid state media and external hard disks, used either by an employee or a visitor with access to a workstation or server can easily be connected via a USB, Firewire or eSATA port. In most cases www.newsoftwares.net/usb-secure/ these devices are not documented or registered as part of the internal infrastructure and are therefore unsupported and unsecured. As a result there is a risk of unwanted upload of data to unprotected internal networks and workstations. In addition to this there is also the risk of the extraction, transportation and dissemination of sensitive data outside the organisation.
2. Devices Used Off-Site
Laptops, PDAs and mobile telephones access the internal network directly or via remote connections. If these are connections are configured and supported correctly, they can be very secure. However, the majority users of these types of devices are not always security conscious and rarely use the access control available with the device for easier or quicker access. So whilst the device is in the possession of the correct user there is minimal risk, yet if the device were fall in the wrong hands the same access that is afforded to the intended user is now available to the unauthorised user.
3. Inadequate or Out-of-Date Anti-Virus/Security Software
Majority of anti-virus vendors offer virus updates and software patches to their users over the Internet on a daily basis. If these are not kept up to date, then your data can be compromised unknowingly by a virus or another form of malware either from the Internet, email or outside media.
4. Software Patches and Updates
Downloadable patches and other software updates need to be trialled within an isolated test environment prior to internal deployment. These can pose a threat in two different ways, the first would be instability or in compatibility with the current system, this can cause inaccessibility or corruption of pre-existing data and systems. The second is the use of these channels for malicious users to distribute viruses and other malware through what was believed to be trusted sources.
5. Wireless Connectivity
There is now a trend of increasing availability of wireless hot spots in public areas such as hotels, airports, supermarkets, fast food restaurants and coffee houses. This allows for users to have open access to the Internet via open or uncontrolled wireless connections. If not managed correctly, the same ease of access that is afforded to the user to the outside world via their laptop or PDA, can be exploited by malicious outside users.
6. Email Attachments
Most users will receive a slew of emails that are not work related, many of which have attachments and are from outside the organisation. Whilst most are harmless, there are a large number that sent from users with malicious intent. When attachments are downloaded or accessed, executable files can compromise anything for a single workstation to an entire network. This can be in the form of an outwardly destructive virus or more discrete spy ware. Internal policies should clearly outline the parameters of acceptable use as well as the implementation filters and anti-virus scanning.
7. Peer-to-Peer File Sharing
Peer-to-peer file sharing, involves opening communication ports to facilitate the download and upload streams to a single workstation. These open ports are vulnerabilities that are not secured or monitored by IT personnel. This can in turn open the door to outside unauthorised users to gain access to internal networks or leach bandwidth.
8. Disgruntled Employees
Whether out of spite, revenge or with the intent to steal for self gain, the risk to the security of your organisations information assets can be of utmost concern when the wrath of a disgruntled employee or one with a criminal agenda or intent is unleashed. Disgruntled or outgoing employees have access to internal systems and dependent of their level of access and privileges, a user whose access has not been restricted within a timely manner can pose an enormous threat to any organisation. This could be in the form of leakage or theft of confidential data, corruption or deletion of data, or the upload of malware to internal networks.
9. System Administrators & IT Personnel
The people who are responsible for implementing and maintaining data security measures and policies are also major risk. System administrators and IT personnel are able to create security threats unintentionally through lack of knowledge or inexperience. On the other hand, their intimate knowledge of the system allows them to create security threats for malicious or unauthorised activity.
10. Instant Messaging
Instant messaging applications tend to by-pass corporate security content inspection filters or protection for sensitive information. There is also no record of the content from an instant message session. This can lead to a number of risks involved with malicious disclosure of sensitive information, social engineering and stalking.