Home Content Security and Risk Management The human factor is where security goes wrong

The human factor is where security goes wrong

Forget about attacks through your firewall. What about the guy who phones up the IT helpdesk, pretends to be a senior manager and gains access to your information that way? This is social engineering - exploiting human vulnerabilities rather than technical ones. Even that threat is minor in comparison with staff members mistakes. A quick survey of recent data breaches reveals that most of them are not as a result of exotic attacks through your firewall or industrial espionage via a honey pot. The most common cause of recent data breaches has been, to put it bluntly, employee stupidity. Installing peer to peer software on a company laptop and then incredibly sharing the 'my documents' folder Dumping the entire employee records database onto a laptop and leaving it in your car Putting printouts with client data in a dust bin Luckily these breaches result in data falling into the hands of people who generally don't know what to do with it but that might not always be the case as the value of personal data becomes more widely known.The answer, protect people from themselves.Most security systems concentrate on the easy things, let's be honest, it is easy to deploy and maintain an effective electronic perimeter; this is why most companies are actually quite difficult to penetrate electronically. The easy things get done and we all slap ourselves on the back for a job well done.The difficult job of creating policies and making sure through extensive user education, training and monitoring are hard, very hard. That is why we continue to see these types of breach.Security professionals should start to consider means of education and training and demand the resources to do an effective job or idiotic breaches like this are going to continue and at some point are going to cost dearly.         Set as favorite Bookmark Email This Hits: 207 Comments (0) Subscribe to this comment's feed Write comment Name Email Comment smaller | bigger Subscribe via email (Registered users only) Write the displayed characters Add Comment

 

< Prev		Next >