Dangers from Within

By Sharon Linsenbach  |  Print this article Print


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

The continuing increase in IT security vulnerabilities and threats opens the door for solution providers to provide awareness and education on risk management.

Spammers have proven themselves to be unafraid of trying new methods of spreading malware over the last three months, including an escalation in the amount of spam being sent via social networking Web sites like Facebook and Twitter, and Sophos says it expects to see this trend continue.

The fact that employees often access social networking sites while at work can open corporate networks to a deluge of these spam-borne attacks and result in viruses and data breaches as well as the more obvious policy violations.

Data breaches and policy violations were the subject of an Insight Express study commissioned by Cisco that covered about 1,000 PC users and 1,000 IT executives about their online behavior as it pertained to corporate data leaks and online usage.

Nearly eight out of 10 PC users send and receive personal e-mail through a personal account on a regular basis, and nearly half use their work computers for personal research and online banking. This increases the risks of identity theft and personal data loss, and can also open organizations up to compliance violations.

"What we're seeing here is lots of security issues [being caused] not necessarily from outside, but from within the small and medium businesses," Keizer says. In addition, Keizer says the economic downturn is having unintended security consequences.

"Lots of people are being let go as [organizations] downsize, and if one of those people is a security technician, they can do a lot of damage to your systems, especially if they're in any way disgruntled when they're let go," Keizer says.

The Insight Express survey highlighted another worrying statistic that could become more serious as companies downsize their work forces and let IT security personnel go. Nearly one-half of respondents said they'd changed the security settings on their work computer, and 35 percent said it "wasn't their company's business" that those settings had been modified.

Education is key to making sure users understand the compliance implications of policy violations, and a strictly enforced—even automated—Web access and use policy can help curb flagrant violations.

Keizer says he believes there still much opportunity in the space, and that a managed services approach to security can help shore up customers' security while keeping costs down.
Sharon Linsenbach Sharon Linsenbach is a staff writer for eWEEK and eWEEK Channel Insider. Prior to joining Ziff Davis, Sharon was Assistant Managing Editor for CRN, a weekly magazine for PC and technology resellers. Before joining CRN, Sharon was an Acquisitions Editor for The Coriolis Group and later, Editorial Director with Paraglyph Press, both in Scottsdale, AZ. She holds a BA in English from Drew University and lives in the Philadelphia suburbs with her significant other and two neurotic cats. When she's not reading or writing about technology, Sharon enjoys yoga, knitting, traveling and live music. Sharon can be reached at Sharon.Linsenbach@ziffdavisenterprise.com.

Submit a Comment

Loading Comments...