Chances are your systems are prepared for an attack by malicious insiders, but the true threat to your IT security today in 2017 is negligent insiders.
Breaking news stories on the latest major network security hack have almost become background noise in the morning news thanks to their prevalence in the business world. Hackers with motives ranging from profit to politics access secured systems every day, and as we move an even more digital-inclusive world, that trend isn’t likely to slow. Access gained to networks through the means of malicious insiders is one of the top and most difficult threats to face.
With that in mind, IT security professionals are scrambling to do all they can with the latest tools and strategies to combat the newest hacks. All that effort, however, may not be precisely aimed.
Where Should We Be Looking?
Its the negligent insiders, especially senior management, that pose some of the most serious risk to IT network security.
Negligent insiders and malicious insiders both may leave your network in shambles, but often come to that conclusion by different means. While a malicious insider may have personal of financial gain to obtain from accessing or allowing access to your systems, a negligent insider, at the time, means no harm. They’re simply a person on your network with access to sensitive information that lacks the foresight to properly maintain security protocols or share information in a safe manner. Perhaps a senior level manager who’s not careful with what they send via email, or high-level employee who isn’t fond of changing their passwords often.
Overall, negligence when handling sensitive data may be even more dangerous that a single person bent on destruction, because you may never even know it’s going on.
Is This Happening to You?
A recent infographic by the University of Alabama at Birmingham shows that “80% of end-user carelessness” is their top security threat, and 75% of businesses view negligence as the greatest threat of all. Some of the top careless mistakes they make include not changing passwords frequently and sharing them openly, needlessly carrying sensitive information at times when they do not require it, and leaving computers and devices unattended when outside of the work environment.
The problem with negligence is it doesn’t need even a seed of hatred to begin – all it takes is one mistake when sharing sensitive information, which senior management is at a much higher risk of making.
Steps to Fight Negligence
All the high-tech security features in the world can’t adequately fight negligence. It needs to begin from the ground up.
Insider negligence, especially that of upper-tier management with access to sensitive information, is only going to be beaten by educating your workforce on the importance of proper data security and how to implement it in their lives.
In the digital, smartphone-laden age, it’s easy to forget how every gadget we carry is a portal into our personal, sensitive information. A simple email to the wrong person, or overused password could be open door a hacker needs. Teaching proper security risk management in personal and professional devices is the first step in fighting insider negligence.
While it would be great to have an employment team built of data security professionals, that’s just not realistic in most professional cultures. In that case, it’s best to look to a local network security professional to ensure all your systems are up-to-date, and your employees, from the latest hire to the CEO himself, are all aware of the dangers of insider negligence.