When it comes to enterprise security threats, we all know the usual culprits. Email attachments, worms and viruses, peer-to-peer applications – all present opportunities for unsavory characters to access your data and do you harm.
But what about those “other” security risks? You know, the ones you may not have thought about. If you’ve ever wondered whether you’re missing something through all the antivirus software and email spam monitoring you do, there’s a good chance that you are.
Don’t be scared, though! There’s still plenty of time to take action. Here are four enterprise security risks you may have overlooked.
That’s right. Diversions. In particular, diversions disguised as malicious security breaches. The good news is that these will only become a problem if hackers get past your anti-virusapplication. And most of them won’t, right? The bad news is that diversions can be quite effective when they do occur.
Hackers will unleash upon part of your network – lets say a server or set of servers – to garner the attention of your IT staff. Then when your team is busy repairing the damage, the hackers will use that opportunity to dig deeper into your data.
Be ready for this possibility, and develop an effective game plan that accounts for it. In the event of a hacker attack, you’ve got to be ready for anything.
2. Partners and former employees
Here’s one you can easily fix. When you hire third parties for temporary jobs, be sure to delete their login credentials and close off network access when they’re no longer working for you. Do the same thing for employees who leave the company.
3. Renamed documents
Let’s say an employee wants to steal sensitive company information either for personal use or to help a competitor. He can’t just email himself the document because your email monitoring application would catch that.
Instead, he copies and pastes the information into a new file, gives it a seemingly innocuous name, and sends it off in an email. Not good.
Check with your email monitoring vendor and see if they have any tools that can prevent this scenario from playing out. Also see if you can encrypt documents that contain sensitive information. Many modern platforms offer this functionality, and there’s little excuse not to take advantage of it.
4. False credentials
When someone uses false credentials to access information, the privacy of your clients or customers is seriously at risk. Company-related information could be in jeopardy, too.
Conduct a serious review of your data-handling policies, and specify which users have access to what information. Then implement a verification system that catches the fraudulent use of credentials before it occurs.
And be sure to change passwords and account access codes on a regular basis. In an effort to combat fraud, many organizations already require employees to periodically change passwords. Sure, creating a new password every few months may seem like a nuisance. But protecting your data from theft is well worth the trouble.
Adam Green is a freelance writer. He contributed this post on behalf of Attachmate, a global company which offers emulation software and other B2B solutions.