Unintentional Security Issues and Malware



There're a great deal of accidental security issues but i'm focusing on how the human factor intercedes with data security and integrity.

Up to 28% of Enterprise Data Security Incidents Come from Inside

While hackers are growing more and more sophisticated, much of the threat of organizations actually comes from inside.

That isn’t to say that any of the employees has malicious intent, though it’s possible, but they may be poorly trained, or the enterprise data security policies may be poorly enforced. All of these leading to Unintentional Security Issues.

32% of companies surveyed said that insider events were “more costly or damaging” than similar attacks coming from the outside.

But in order to toughen up your security stance and protect yourself from the enemy within, it’s important to know how your employees may be compromising your digital security.

2014 was a rough year for enterprise data security, if the high profile breaches of Sony, JPMorgan and Home Depot told us anything. It was especially rough for AT&T, who suffered not one but two separate malicious insider attacks, resulting in the exposure of customers’ social security numbers, driver’s license numbers and birth dates, as well as hefty fines for the mobile giant.

Any data breach can threaten your company’s reputation, let alone one coming from inside. So what could AT&T have done to keep their customers safe?

How You Can Prevent It

2. Poor Password Practices
All it takes is one employee with a password like “Hola123” or “admin123” to give a hacker easy access to your company’s most sensitive (and valuable) data. So changing passwords every three months at the very least, and that the passwords certain security requirements.

3. Weak Access Policies
Again, each employee should only have access to the systems and data they need to access, when they need to access them and that access needs to be revoked as soon as the employee no longer needs it.

4. Unsafe Downloads
No matter how your employee gets it, though, you’re lucky if the damage is isolated to that person’s work computer. More likely, it will spread through your network, and if you don’t have the proper network isolation, it can spread to the servers containing your most precious data. So daily backups is key to avoid this.

References:
Virtru. (2018). 6 Common Ways Employees Compromise Enterprise Data Security (And What You Can Do About It). Virtru. Retrieved From: https://www.virtru.com/blog/enterprise-data-security/

Kaspersky. (2018). The Human Factor in IT Security: How Employees are Making Businesses Vulnerable from Within. Kaspersky. Retrieved From: https://www.kaspersky.com/blog/the-human-factor-in-it-security/

Comentarios

Publicar un comentario

Entradas más populares de este blog

Imagen
SCM Software Configuration Management What? SCM is a software engineering discipline consisting of standard processes and techniques often used by organizations to manage the changes introduced to its software products. SCM helps to eliminate the confusion often caused by miscommunication among team members. The SCM system controls the basic components such as software objects, program code, test data, test output, design documents, and user manuals. Who? The Software Engineering Institute (SEI) advocated a standard definition for CM oriented to software, broadening the definition of the Institute of Electrical and Electronics Engineers (IEEE) and the guidelines of the International Organization for Standardization (ISO). Why? Is software engineering practices associated with software configuration management offer a number of opportunities to address requirements found International  Standard, ISO 9001. From management perspective, the principles and practices of  
Leer más
Imagen
History of software engineering It first started in the 1950's when software separated from hardware. They started to reclute programmers that where working as hardware engineers. Software engineering was encouraged by the software crisis of the (1960's, 1970's and 1980's) which was a term used to describe the hard time programmers has when writing useful and efficient computer programs in time. the 1990's gave rise to the Internet and to a fast growth in the demand for e-mail systems on the World Wide Web. There also was a growth on browser usage that ran on HTML, changing the way information displayed/ retrieval was organized. 2000's rapid growth in the demand for inexpensive software solutions led to the expansion of faster and lighter methodologies that developed running software, such as Extreme Programming. Software engineering today is currently rated as the best job in America by Money Magazine . Source & links: https://www.cs.color
Leer más

Wsq03

Imagen
Fun with Numbers Instructions: Ask the user for 2 integer numbers, then use those values to calculate: The sum of the 2 numbers  Difference between them  The product   The integer based division (no decimal point)  The remainder of the integer division First i looked for math operations with python and found this youtube video: Then i had some trouble with my variables because they were strings and i converted them to integers using int (), but after that minor struggle the program runned just fine. I'll leave a link to my code: https://www.dropbox.com/s/udfbrwf619a5n0b/Wsq03.py?dl=0
Leer más