Staff access can lead to security threats

Staff access can lead to security threats

Some companies, even those with excellent firewalls and external security systems, may have gaping holes in data protection strategies. A recent report by Lieberman Software Corporation indicated that danger may come from within, with workers in IT departments surprisingly capable of accessing confidential information. According to the results, many IT pros are completely willing to use network access to seek out files they are not technically authorized to view.

Insider data danger

The Lieberman survey, circulated among IT executives, found these employees are aware of their heightened ability to access data. Nearly two-thirds of respondents said they have ways to see files beyond those available to other sections. Some of these workers are willing to use and abuse those privileges. When asked if they could take valuable data along if laid off, 11 percent confirmed that they could.

"Many organizations rely on their IT departments to keep them safe but all too often the reality is that powerful privileged account credentials are being abused. Management must step up to the plate and take charge by establishing systems and procedures to lock down data from prying eyes or their secrets will continue to be stolen from under their noses," said Lieberman Software CEO Philip Lieberman.

IT security firms now offer diagnostics to detect how safe systems are from the inside. Penetration testing does not simply apply to outside hacks. Some companies offer a procedure to determine how much inappropriate file access employees have and give suggestions to curtail it.

Unwitting danger

While malicious or disgruntled workers may pose a threat to data, some loyal employees may be allowing threats into company systems without ever realizing it. According to the latest McAfee threat report, malware has spread from PCs to smartphones, especially Android devices. Workers taking advantage of bring-your-own-device programs may bring such threats into the office, never realizing what they've done.