Everywhere you look business owners are inundated by issues pulling their attention in a multitude of directions. One issue almost every owner has managed to get under control is network security. These businesses are secure from external threats and because of this, believe their systems to be 100% safe, however, they may have missed the possibility of internal threats.
In recent years the majority of security threats and compromises have come from within the company. A common threat to companies is the logic bomb – malware that targets IT systems and deletes data. As a logic bomb is introduced from within the network, the blame often lies with a disgruntled employee with full access to internal systems.
Giving employees full access to the network when they don’t need it is a common mistake often made by companies. There’s little need for an employee who does graphic design to have access to weekly sales records. This practice could set your company up for a considerable security problem in the future.
Dawn Cappelli, an insider-threat expert at the Carnegie Mellon Software Engineering Institute stressed, “These types of insider attacks happen to businesses of all sizes, from small companies to very large corporations.” This is an important issue businesses should be aware of if they want to remain secure.
Security threats can be a particularly harsh nightmare for small businesses, as many don’t have an IT department or staff with the technical expertise needed to maintain a secure network. If you’re one of these organizations, it’s a good idea to hire an outside consultant to help you with your network security. With consultants, it’s important that you maintain close contact with them to ensure any issues that crop up are dealt with expeditiously.
If you don’t work with an external company there are a few things you should do when you have an employee leave the company. First, their accounts should be deleted immediately and their access privileges should also be revoked. Second, if you have accounts with shared passwords, you should change them to ensure an ex-employee can’t gain access to the system.
If you’d like to learn more about internal security, and measures you can take to ensure you are safe, we are ready to help you. Please contact us.