An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contra...
Internal Threats to Network Security
The topic of network security is a recurring theme in today’s business world. There is an almost unfathomable amount of data generated, transmitted, and stored every day. Unfortunately, the media and traditional reporting sources these days typically focus only on outside threats such as hackers. Many people completely overlook the insider threats that are present and can potentially pose an even bigger threat than any outside source. One of the acronyms that is constantly repeated in the security industry is the principle of CIA, or confidentiality, integrity, and availability. Authorized users, whether by accident or through malicious acts, are in a unique position to threaten all three aspects of CIA. Authorized users by their very nature are allowed access to the company’s data to varying degrees. If access rights are not correctly set, then there is a huge potential for data to become compromised, corrupted, or destroyed. Employee access does not stop at electronic access to data; many employees will also have a great amount of physical access to networking hardware and devices. The potential for damage or theft from employees is a risk that must not be overlooked. If that is not bad enough, it is not just data theft and corruption that you must worry about but also what users choose to store. Your company can get in trouble by simply storing copyrighted or pornographic material. Users are also notorious for leaving passwords written down in close proximity to their devices. Some users take this a step further and keep a list of a rotation of all the passwords they use. Passwords also present another weak link in the fact that they can be shared between users, or given out durin... ... middle of paper ... 
...hether it is voluntary or involuntary, a procedure must be in place and executed every time to ensure that network credentials are revoked and the user does not have the ability to remove or destroy information at the last minute. In the event of an involuntary termination, the employee should be given no warning before the event happens so that they do not have the time to perform any malicious actions before being terminated. For effective internal network security, policy and procedure need to be in place, and they need to be enforced from the top down. It is also a good idea to periodically review these policies and procedures to ensure that they still meet the requirements of the business. If IT can work together with the rest of a business, we can help to lessen the accidental and malicious threat that internal authorized users present.
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day-to-day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable for ensuring all of the rules and policies are being followed, as well as for understanding their roles, responsibilities and functions. Organizations’ information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is the errors and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
The way forward lies in a security risk management (SRM) approach that protects your company from the most severe threats to critical IT systems and operational processes. SRM helps your organization understand its assets and analyze the vulnerabilities it must address. Security risk management also facilitates internal and external compliance initiatives. It enables your organization to enforce policies that relate to the integrity of customer data, the configuration of corporate applications and databases, and the accuracy of financial reports. Companies that take a systematic approach to SRM reap additional benefits: operational efficiencies that lead to better management of resources and reduced costs. It's up to all the parties involved in the IT operations and security mission to demonstrate that they can take on the demands of this new challenge.
...n work in an environment that is free of alcohol, illegal drugs, firearms, discriminating and/or offensive material or data, etc. Company-provided technology such as email, voice mail, and computer systems remains company property, as does all data that is transmitted, received, or stored. Employees are expected to use these resources for business-related purposes only
According to Davis (2012), “Nine out of 10 technology pros think smartphones and tablets will become more important to business productivity in the next couple of years. Seventy-two percent expect to offer more bring-your-own-device options so that employees can access company data with their personal gadgets.” The use of personal electronic devices is on the rise in the corporate workplace. Although there are opportunities associated with this, there are also risks involved. Companies and government IT divisions need to evaluate these risks and put specific mitigation plans in place to establish policies to assure that business information is secure.
Every organization, big or small, should have some level of security policy to protect their proprietary information. While the intensity and depth of an organization's security policy depends heavily on the nature of their business, common guidelines are mentioned in this paper that apply to all policies. One of the most important things to remember is that employees are a critical component to a successful security policy. It is the organization's job to ensure that their security policy is widely distributed and understood.
Coca-Cola Security Breach Put Personal Information of 74,000 Employees at Risk. The failure here appears to be in the processes surrounding disposal of old equipment without any encryption, causing data to be breached. Also, sometimes a criminal can act as an employee
Any dishonest employee may go against the rules of the company and may disable the systems to allow intruders to access them. Such intruders may be rival companies that are cooperating with the dishonest employee in return for personal gain. This can have an extremely devastating effect on the company by resulting in data loss and malfunctions.
The major threat of the organization is securing its gigabytes of data from the prying eyes of unauthorized outsiders and insiders attempting to exceed their authority. ...
"It is a matter of education for the employees to educate them on the hazards and risks," Cunningham said. "There's a policy aspect of it: If you're accessing our financial application, 'thou shalt not use that password for anything else in your life.' And then there are tools you can use to help automate that process for the employees, such as a Password Bolt. Maybe they don't know what the password is, but they can log into the Password Bolt and the passwords are generated for them." All this can be achieved through policies and the policy must be enforced and be audited to ensure adherence to this
Creating secure networks and clear policies might seem like a solution to social engineering, but the unpredictable nature of humans, driven by greed and curiosity, will give rise to new techniques to beat the systems. However, organizations should come up with procedures and policies defining the roles and responsibilities of each user, not just the security personnel. This should be followed by ensuring policies are properly followed and there is regular training.
The increasing proliferation and complexity of technology are creating new "opportunities" for cyber criminals to exploit. In addition, cyber crime techniques are getting ever more sophisticated. For businesses, this adds up to an increasingly more dangerous cyber threat environment. It doesn't help that human factors add to the risk. These include simple blunders, such as exposing sensitive data to the open Internet, as well as network security misconceptions and oversights. Here are two network security mistakes that invite devastating data breaches:
Thus the performance of the system can be enhanced by achieving the CIA (Confidentiality, Integrity, and Availability) properties. The research work also enhances the image of the organization by securing user credentials more effectively.
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied through the 7 Domains by utilizing IT Security Best Practices.
One particular crime that could be committed by employees who use the internet at work is hacking. Hacking is one of the most well-known types of computer crimes; in this context, the term refers to the unauthorized access of another’s computer system (HG.org Staff, 2015). This means that if the employee is not allowed to use the internet for personal use, then there is a possibility that they could get charged with such a crime, because the policy will state they do not have the authority to access the organization's computer system for personal use. In addition, they must know that all use of computer systems while at work will be monitored, including e-mails. Piracy and cyber terrorism are other crimes that one can face when using a computer