A significant number of cybersecurity threats come from within an organization’s own network. Companies that devote substantial resources to detecting and preventing external attempts to hack their electronic networks often ignore the internal security threats that create a greater risk. Every organization’s cybersecurity policy should include mechanisms to detect and mitigate the five most common internal security problems.
- Remote Access Software
Companies give employees the opportunity to work from home and to participate in meetings through remote access software, but that software provides an easy pathway for hackers to access a company’s networks. In one case study, a software company let its employees use TeamViewer software for online meetings. A spyware program that had slipped into one employee’s home computer, however, gave hackers a keystroke log that they then used to hack into the company’s network with the employee’s TeamViewer sign-in ID. Remote access software tools are convenient, but a company’s cybersecurity efforts needs to reflect added controls that are required to prevent the potential for abuses connected with that software.
- Loss of Sensitive Information Through Email
Employees might intentionally or negligently attach confidential or proprietary documents and information to email that they send to external servers. Hackers can use those documents and that information as levers to delve deeper into an organization’s network. An organization can install scanning tools and other network monitors to watch the kind and quality of information that employees are sending outside of an internal email system. Employees who are intent on stealing information can encrypt it to defeat those tools, but those tools do provide a first level of defense against this type of internal threat.
- Peer-to-Peer File Sharing
The greater trend in companies is to ban peer-to-peer file sharing over IM and other similar systems, but many vestiges of those systems remain and continue to pose significant cybersecurity risks for those companies. Every company’s cybersecurity policy needs to address this risk and, if feasible, to require the deletion of any peer-to-peer software that employees may be using to upload files or to share information.
- Use of Insecure Wireless Networks
People use wireless networks to connect their mobile devices to the internet and to save their data allotments on those devices, but an unsecured network that has no password protection exposes every device on that network to every other device. Hackers have developed techniques to access sensitive information in mobile devices on those unsecured networks. A company’s cybersecurity policy should include instructions for all employees to turn off file sharing on mobile devices and to manage other privacy settings. Companies can also set up virtual private networks (“VPN’s”) on all employee mobile devices to add an additional layer of protection when employees use those devices on a public Wi-Fi network.
- Blogging and Discussion Boards
Even an innocuous comment by an employee on a public message board can lead to deeper and more serious cybersecurity problems than a company might expect. An employee who posts a comment about his employer immediately identifies himself and his relationship with the employer. Hackers can build on that information to collect additional data about an employee, and the sum total of all of that data can give the hacker a platform to access the employer’s internal networks. Every corporate cybersecurity policy should include strict restrictions on the type of information that an employee can post on a public blog or discussion board.
All threats to an organization’s information systems and networks should be taken very seriously. Regarding internal threats, employees may have the best of intentions with respect to their actions, but those intentions can lead to egregious problems if they are not managed or curtailed properly.