Feb 24, 2011

Data theft: How to protect your company's valuable data

Occasionally, a company may find that one or more of its employees have stolen valuable data of some kind. Internal security threats are much bigger than external threats because an employee has greater access to and knowledge of the work environment and the company network. Through regular use of the company's operating system and email client, or by accessing the network with their user ID and password, an employee may become familiar with the steps necessary to compromise the security of the company's network, particularly if that network is not secure or is set up improperly.

Employees can steal data via personal flash drives and email. If an employee needs to work from home or take documents home from the office, always have them check with your IT department and their supervisor to ensure they are following corporate policy. As an added measure of safety, have your IT department supply password-protected flash drives to that employee after obtaining consent from their supervisor for the employee to use the flash drive. This is a simple system of checks and balances designed to serve as a deterrent.
 
How can your IT manager protect your company from internal data security threats?
  • Establish clear policies for employees regarding accessing and saving documents and other files on shared network drives or flash drives and, most important, internet and email usage.
  • Hold regular meetings and trainings for executives and other managers to (re)educate them on your company's network usage policies.
  • For PC-based networks, set up restrictions and policy settings on servers using Active Directory (http://www.microsoft.com/windowsserver2008/en/us/ad-main.aspx), which will be applied to all desktops to restrict users' access to the network and what they are allowed to do on their computers.
  • Install secure anti-virus software with virus, spam and spyware protection on each server and desktop to block all traces of viruses, spam and spyware on the systems and, most important, on your network.
  • Configure routers and switches to block access to unnecessary open ports on the network.
  • Set up email monitoring tools and software on your email server to monitor each employee's incoming and outgoing email, and establish limits on to whom they may send external emails.
  • Set up web filtering software like Websense (http://www.websense.com/content/Products.aspx) or install a device like Cymphonix (http://www.cymphonix.com/), a web gateway, to filter each user's internet and application use on the network and generate a monthly report on each user's network, application and internet usage.
  • Create a shared network drive and grant email access to a backup user for each employee, so that in case of termination the backup user will have access to that employee's files and emails.
  • Create a 30-day termination policy for deleting a terminated employee's account from the network, so that they cannot use their user ID to sign into the network or access email.
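
The termination policy in the last bullet is easy to write down and easy to let slip, so it helps to check it against real account data. The following is an added example, not part of the original post: a small Python audit that compares an HR termination list with a directory account export and reports terminated users whose accounts still exist. The CSV layouts, column names and sample rows are constructed for illustration, and treating the 30 days as a deletion deadline (plus flagging accounts that are still enabled) is an assumption about how the policy is applied.

```python
import csv
import io
from datetime import date, datetime

DELETE_AFTER_DAYS = 30  # the post's 30-day window, treated as a deletion deadline (assumption)

# Constructed sample data: an HR termination list and a directory account export.
HR_TERMINATIONS = """user_id,terminated_on
jdoe,2011-01-05
asmith,2011-02-10
bwong,2011-01-20
"""
DIRECTORY_EXPORT = """user_id,enabled,last_logon
jdoe,true,2011-01-03
asmith,true,2011-02-15
bwong,false,2011-01-19
mlee,true,2011-02-23
"""

def _rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def _day(value):
    return datetime.strptime(value, "%Y-%m-%d").date()

def audit(hr_csv, directory_csv, today):
    """Return {user_id: [findings]} for terminated users whose accounts still exist."""
    accounts = {r["user_id"]: r for r in _rows(directory_csv)}
    findings = {}
    for row in _rows(hr_csv):
        acct = accounts.get(row["user_id"])
        if acct is None:
            continue  # account already deleted: nothing to report
        left = _day(row["terminated_on"])
        issues = []
        if (today - left).days > DELETE_AFTER_DAYS:
            issues.append("overdue_for_deletion")
        if acct["enabled"].lower() == "true":
            issues.append("still_enabled")  # can still sign in (flagging this is an assumption)
        if acct["last_logon"] and _day(acct["last_logon"]) > left:
            issues.append("logon_after_termination")
        if issues:
            findings[row["user_id"]] = issues
    return findings

if __name__ == "__main__":
    for user, issues in audit(HR_TERMINATIONS, DIRECTORY_EXPORT, date(2011, 2, 24)).items():
        print(user, ", ".join(issues))
```

A logon recorded after the termination date is the finding to escalate first, since it means the user ID was used after the employee left.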
