Tuesday, September 27, 2011

COMPANY SECURITY RISKS: Employees

(Extracted from the best-selling book, "UNDERSTANDING THE LAW: A Primer", by Attorney Charles Jerome Ware (iUniverse Publishers, 2008); and the new book, "LEGAL CONSUMER TIPS AND SECRETS", by Charles Jerome Ware, former Special Counsel to the Chairman of the U.S. Federal Trade Commission (iUniverse, 2011)).

What is a company's biggest security risk?
Answer: the employee.  That's right, employees are the weakest link in company security.  Particularly for "hackers' or "crackers", who access computer systems by circumventing security systems.

The following are just four (4) of several ways "hackers" or "crackers" use employees to break company security:

(1) The employee opens an unexpected email attachment from a colleague.  Hackers frequently use these opportunities to inject viruses inside the company network, bypassing the firewall. 

(2)  The employee uses his or her personal web email for work.  The employee believes this makes it easier to work from home or to move files between computers.  Hackers, however, see this as an opportunity path to access critical data from relatively unprotected services.

(3)  The employee brings a new personal computer or electronic gadget to the work network.  The employee sees this as an opportunity to stay up with the latest computer technology.  Hackers, though, see this as a new route or opportunity for viruses and spyware to find their way into corporate systems.

(4)  The employee uses the company's computer to post his or her job details on LINKEDIN.  The employee sees this as creating a professional presence and finding another potential job.  Hackers, usually rather cleverly, use this opportunity and vehicle to acquire hierarchies and to target particular users with spear-phishing attacks.

No comments:

Post a Comment