Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How your employees put your organisation at risk

Sarah K. White | May 29, 2015
Security threats don't come only from the outside. The biggest threats are often sitting right in the office. Whether it's adult websites or social media, employees are accessing content that puts your business at risk.

International risks

Adult content, quite obviously, includes pornography, but international companies have even more risk when considering laws around the world. That's because what's legal in the U.S. might not be legal elsewhere, and vice versa.

"Anything in the U.S. that is classified as over 18 is adult content," says Steinberg, "but different countries have different rules on this kind of thing, and that's something that international organizations need to be cognizant of," says Steinberg.

Adult content can quickly take on more meaning in other countries, and it's something employers need to educate employees about. The security risks become greater if employees are unknowingly accessing illegal content while traveling for business. Companies need to consider the international implications of adult content, and what that might mean for the security of their business.

Social Media

Social media is a new medium for cybersecurity threats and it's difficult for companies to monitor, let alone secure. Blue Coat found that 41 percent of U.S. employees access personal social media accounts at work, which is problematic because malware can easily disguise itself in shortened links. Users might not think twice about clicking out from a tweet or Facebook post, since shortened links have become the norm on social media sites.

As the study states, "an attacker may create a seemingly personalized email targeted at an IT administrator for a large enterprise using information found on social media profiles, such as the recipient's alma mater or favorite sports team."

Social media also poses risks when it comes to what employees share and post, as they can unwittingly give out sensitive data without realizing it.

Steinberg is a co-creator of a technology called SecureMySocial, software that can alert users before they post something potentially harmful. "If you're posting something that looks like its leaking employer data or saying something that by most normative standards might be considered insensitive, it will warn you."

Implementing these types of failsafe resources are one way to help prevent security threats, but when dealing with humans, you can only go so far.

How to help employees understand the risk

The problem with humans as a security threat is that there isn't a perfect solution, but companies can work to help employees understand the risks they pose not only to the company, but themselves. Employers need to understand that workers expect a certain level of access in today's digital age, and completely barring them from social sites or non-work related content, won't offer a solution.

"The reality is that we're on human mind version 1.0," says Steinberg, "your firewall may be version 20, your word process might be version 20, but in the last 20 years the human brain has not evolved. The same kind of mistakes that we were making at the beginning of the Internet era, we're making now."


Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.