Protecting your business from insider threats

(11/09/2008)

Business managers are aware of the dangers inherent within an organisation from disgruntled, or more likely just disorganised or unthinking employees. These insider threats can either open up the network to abuse from outside or can inadvertently cause mischief.

There are some simple tips which if implemented will enable businesses to efficiently manage their enterprise security:

1. Write and publish an IT use policy, then ensure your employees sign it
Employees must understand what is and is not acceptable on work computers: if they know about security risks they will behave sensibly.

2. Install a security system that allows you to set protocols for individuals
That way individual users may not intentionally or inadvertently access denied servers, websites or files. Crucially the solution must aid, not impede legitimate work.

3. Keep your security software up to date with anti-virus and anti-spam software
It should go without saying- but cracks in software appear daily and unless you proactively secure your defence you become a target.

4. Ensure all staff know how to spot phishing and spam emails
Staff should know it takes just one response to become added to spammers’ databases and inundate your email servers.

5. Staff should be suspicious even of ‘friendly’ email attachments
A virus will only be received through the attachment, not the opening of an email. Make sure all attachments are automatically scanned as they enter the firewall.

6. If in doubt, don’t click the link
Type by hand or use a known legitimate link to access new or suspicious sites.

7. Never respond directly to an email request for personal or financial information
Verify the authenticity of the request by using an email or telephone contact that you know is legitimate.

8. Ensure your security technology has failover built in
When something goes wrong ensure your backup plan moves into operation instantly- don’t leave things to chance.

9. If a ‘disaster’ will cause disaster, buy in tech support
If Internet or intranet downtime will hurt your business ensure you have the staff or support available as soon as you need it. Don’t lose customers by unavailability

10. Make it easy on yourself: buy an easy to operate all in one solution
Your IT should work for you, not against you. If your current system is difficult to install and run then it may not be cost effective for your company.

Mr. Harish Chib, Vice- President – New Business Development, Cyberoam, said, “Every individual needs to recognise that good security practices are a necessary part of using the Internet, but organisations have the facility to protect their staff through centralised planning and help make the internet a little safer for us all.”

Related topics:  Network Security   Security management and policies 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources