About Me

Skyline Marketing Group, LLC is dedicated to creating high-impact marketing campaigns and new business opportunities for small to mid-sized companies. Contact us today to see how we can help your organization be more successful: MKvicala@sbcglobal.net | 734.662.2803

Friday, September 30, 2011

Loose Lips Sink Ships

loose lips sink ships.
by ~Kyogre-Kaiba
What's a Company's Biggest Security Risk?  You!!

Employees don't mean to be the primary entry point for hackers. But they are.

According to a recent article in the Wall Street Journal, we are the weakest links.

Hacking attacks against companies are growing bigger and bolder—witness a string of high-profile breaches this year at Sony Corp., Citigroup Inc. and others.

But gone are the days when hackers would simply find holes in corporate networks to steal valuable data. Large companies have grown wise to the threat of hacking, and have spent the past 30 years hardening the perimeters of their networks with upgraded technology.

These days, criminals aren't just hacking networks. They're hacking us, the employees.

"The security gap is end users," says Kevin Mandia, chief executive of security firm Mandiant Corp. The majority of corporate security breaches his firm is currently investigating involve hackers who gained access to company networks by exploiting well-intentioned employees.

Consider what happened in March at EMC Corp.'s RSA security unit, the maker of computer login devices used by thousands of other companies. A hacker sent emails to two small groups of employees that looked innocent enough, including a spreadsheet titled "2011 Recruitment plan." The message was so convincing that one employee retrieved it from the "junk mail" folder and then opened the attachment. Doing so introduced a virus inside RSA's network that eventually gave the hacker access to sensitive company data and enabled later attacks against RSA's customers.

Employees have more opportunities than ever to compromise company information. We not only screw up by clicking on emails from hackers that download viruses, letting them bypass corporate firewalls. We also open a Pandora's Box of security problems by circumventing company tech-support rules and doing work with personal gadgets and consumer-grade online services like Web email and cloud storage services.

Closing these holes is proving very difficult, security experts say. But companies keep fighting. To stop potentially dangerous employee habits, they're testing new tools to keep track of what's happening on their networks and rolling out employee education programs.

Sources:
1. Geoffery A. Fowler, "What's a Company's Biggest Security Risk? You.", The Wall Street Journal, September 26, 2011
Posted by
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)