It seems that the data security landscape is constantly changing. Every day, new threats arise and fresh best practices emerge to keep companies at the forefront of protecting sensitive information. PKWARE’s staff of experts in data security share their thoughts in our blog, highlighting the most current topics on data security, management, and reduction. Check back frequently and join the conversation.

The Cyberthreat Inside

Posted by on in Data Security

When considering their approach to data security, many businesses focus exclusively on the threats presented by external forces but may be neglecting the danger that lurks within. According to a recent survey of approximately 1,000 employers, many companies do not adequately address the security risk that their staff members pose, Network World reported.

Forty-four percent of respondents said they trusted their employees not to steal data or improperly access confidential materials. In addition, 37 percent admitted that it was possible their staff members would do so, but would "like to think not". This misplaced level of trust could lead to significant data security vulnerabilities. Thirty-one percent of those surveyed said they did not need to put into place any protocols to prevent employees from accessing confidential or sensitive documents. In addition, the security methods of five years ago are no longer effective. Today, data is everywhere, on mobile devices and in the cloud. In this scenario, traditional access control security models start to break down.

The lack of proper consideration for the threat posed by employees to a company's data is unsettling given that some experts have identified internal threats as the most pressing concern in the field.

"While hacking crimes involving China and other nations will continue to receive national press coverage, organizations should not lose sight of the fact that insiders, not outside hackers, still pose the greatest risk for theft of intellectual property and other proprietary data on their networks," Kroll Advisory Solutions' Michael DuBose wrote in a study.

Protecting against the security risks presented by former employees was not a priority for those surveyed either. Thirty-three percent said they did not implement security changes such as updating passwords to keep former employees out of their company networks. An additional 28 percent said noted that they should be utilizing these procedures, but have not done so.

To properly address these threats, companies need to make a significant effort to control access to sensitive information. And for the times that employees store sensitive information in the cloud to access on mobile devices, IT departments can provide data encryption software to prevent files from being accessed and falling into the wrong hands.

Tagged in: Cloud Data Encryption Data Security Employee Threat Internal Threats Mobile

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Thursday, 03 October 2013