Protecting Your Organization from Internal Threats

Security is a topic that we hear about everywhere, from big box stores like Target to the Presidential Election.  Security is something that every company should be evaluating and planning for, so why aren’t they, because security is inconvenient:

  1. It’s expensive – security is typically implemented through hardware and software which has a price tag. In addition, companies have to maintain the hardware and software purchased for security to remain effective.
  2. It’s time consuming – the threats are constantly changing and it takes time and resources to maintain security and to understand how it works
  3. It’s complicated – In addition to the items mentioned above which adds to complexity, security demands are becoming stronger, longer and require more complex passwords
  4. It’s not guaranteed – no matter how much time and money you spend on security, it won’t catch 100% of the threats 100% of the time

So what can companies do to protect their organization from one of the biggest threats – their people?

  • Educate your Staff – this is huge – employees don’t know what they don’t know and their main responsibility at work isn’t to keep up with security which is constantly changing. Tips and Tricks, webinars and lunch and learns are a great way to create a unified message while sharing up to date information with employees. Common topics to educate employees on are email, internet and social media safety. These are the most common places where your employees will come across threats that they may not recognize.
  • Limit Access – Although at times inconvenient, it’s necessary. The more access employees have the greater risk for the corporation. So how do you limit access? Give employees access to those applications and websites that are necessary to do their job, it’s a rather simple approach that reduces risk considerably yet many companies haven’t taken this approach.

The following are a few quick tips to consider:

  • Never open email that is suspicious- things that would create suspicion would be the wrong email address, title of the email, poor grammar and misspellings. In addition, pay special attention to anything with an attachment or embedded link.
  • Do not do any social browsing or social networking on company workstations – this limits exposure to corrupt websites, infectious links and website browsing that leads to viruses
  • Make sure you work with IT support to ensure you have the proper hardware and software in place as well to limit exposure; a firewall, anti-virus, web filtering and spam filtering are a few of the most common.

As the world becomes smaller and the threats become larger security is going to have to be considered in every company regardless of size.  Although technology can’t guarantee completely secure environments there are many simple and cost effective measure that companies of all sizes can consider to limit exposure which reduces risk for the organization.

Leave a Reply