Your security program is only as strong as its weakest link, and that is where the human element comes into play. Even if you have comprehensive IT security technology in place, all it takes is one careless, uninformed, or disgruntled person with access to your physical office space or enterprise network to open your company up to unnecessary risk. While you spend a great deal of time and money fortifying your enterprise networks against outsider threats, don’t neglect the threat from within. The fact is that some of the most devastating threats to computer security have come from individuals who were deemed trusted insiders.
Important things you should do to help preserve your enterprise security from the inside out:
1) Immediately after temporary or contract workers are done working for you, disable their user accounts on your computer systems. Of course, the same thing applies to employees who leave the company.
2) Do not allow multiple employees to share a single logon account.
3) Make it clear to all insiders with access to your enterprise network that their usage is subject to monitoring – this should be a part of your corporate security policy.
4) Keep laptops locked down – this should be a part of an overall mobile computing policy.
5) Use password-protected screen savers so computers are always locked when not in use.
6) Instruct employees to log off their computers before they leave each day.
7) Dole out access to the network on an individual basis, and give each person access to only the computers and files they will need to do their jobs.
8) Emphasize the importance of protecting passwords – they should not be left on sticky notes on the computer, emailed, or shared with other employees.
The worst thing you can do is to have a false sense of security just because you have taken steps to secure your IT systems with technology.