Biggest Security Threats Come From Within Companies
The biggest threat to data security in companies today comes from inside the business itself, according to Colin Tankard, Managing Director of data security company, Digital Pathways.
“ While many businesses spend time and money on trying to prevent hackers from accessing their systems few think about the very real threat of data loss via their own workforce.
“ What we are talking about here is granting access permissions in order to properly control what information individuals within organisations are able to read and manipulate.
“ It is not uncommon for an employee to carry access permissions with them throughout their company career. So a person employed in HR for example, who then moves to Sales & Marketing will probably still have access to sensitive HR information regardless of its relevance to their current role. This can prove highly damaging.
“Often, system administrators are concerned at revoking permissions as they are worried about the effects of the change on other system links. No one wants to anger their CEO by finding they have denied them access to the financial reporting systems by mistake!
“As organisations get bigger the task of managing access permissions can become onerous. Without a proper, robust software option simply checking one persons permissions trail can take hours.”
But there is a way forward. Digital Pathways work with partner Protected Networks and their 8Man product – a simple, clear system of providing and managing access permissions across an organisation.
8Man is designed to be used by both business users as well as IT specialists and can help greatly with a companies compliance issues.
Adds Stephen Bennett, Head of Channel UK & Nordics at Protected Networks, “our research says that some 60-70% of access permissions within companies are out-of –date or inappropriate. That means that 60-70% of a companies workforce are accessing data they should not be viewing at all.
“If a company cannot trust the integrity of their permissions, it cannot trust its data security, and if it cant do that, why should their clients trust them?”
Latest Data Security News