4 Employees Putting Your Business At Risk
11
4 Employees Putting Your Business At Risk
-
Upload
courion-corporation -
Category
Business
-
view
396 -
download
0
Transcript of 4 Employees Putting Your Business At Risk
4 Employees Putting Your Business At Risk
2
Who, Me?
As a security team, your focuses are on role-based access, segregation of duties, and making sure the right people have the right access to the right things at the right time.
But what about the employees within other functions? Are there employees who are putting you at an uncommon risk?
Here is a look into those employees and how you can mitigate their risk.
3
The Contemporary Creative
Who they are: • Driven to get the job done
in the most creative and innovative way possible
• Seeks ways to work around or bend rules to get the job done
• Curious about the latest and greatest technology
4
The Contemporary Creative
How to mitigate their risk:
These innovators may be great at their jobs but they
also need to be reigned into your security parameters and need to understand what can and cannot be connected to
the network.
How they can hurt you:
By bending the rules and using unapproved new
technology, they are opening up your network to
breaches.
The rise of BYOD and cloud computing has increased their digital footprint and your risk.
5
The Intern
Who they are: • Interns can be seasonal
or a yearly addition to your team
• In order to be credible, they need access to certain applications
• They may need access to high-level information based on what they or their bosses are working on
6
The Intern
How they can hurt you:
Without proper training, they will not understand
the risks they pose to the system.
As a temporary member of the staff, their termination may be overlooked and their access may not be
cut off.
How to mitigate their risk:
All interns should be trained to enforce the importance of being security-minded and
knowing the risks they pose to the system. Once their term is over, make
sure their access is cut off as you would with any
other termination.
7
The Bad Apple
Who they are:• Not quite corporate
espionage but employees who are disgruntled and have access to highly sensitive information with any chance of exploiting it
• Look for who is taking information to see if they really need it
8
The Bad Apple
How to mitigate their risk:
You need the ability to see when critical information is
being downloaded by these employees outside
of their role. Look for accounts with privileged access, especially above
their role, and keep an eye on all activities.
How they can hurt you:
Disgruntled employees often take proprietary
information and hoard it before leaving
They can either take this information with them to a
competitor or simply release it breaching your
security protocol
9
The Apathetic
Who they are: • Team members who are
too lazy to learn the security policy or to learn new systems in order to help keep themselves and their organizations safe
10
The Apathetic
How they can hurt you:
By using easy passwords, not keeping them secure, and not changing them
often enough
By being an apathetic approver who grants
access without asking questions
How to mitigate their risk:
Intensively train these employees on all security protocols and make sure
they understand the importance of being a
security minded culture. Put in place automatic
password updates, security updates and news, and
mandatory training programs
11
What’s next?
Are any of these employee categories part of your organization?
Are you prepared for the risks they bring?
Do you know what risks are currently in your system?
Let Courion help.
With a Quick Scan of your systems, we can show you where your critical risks lie and how to secure them.
Request a Quick Scan >>
