Security is not just about having the right tools and controls in place- here at eacs we also believe in the importance of staff education. This comes not only through formal training but it actually flows from enforcement of compulsory security on devices and being fairly restrictive as to exactly what devices staff can choose! After all, employees represent the biggest threat to most organisations security, and some of this is down to insider abuse.
Forrester has helpfully defined two new terms for employee risk
With over 50% of all internal incidents due to unintentional misuse or user error this is not a surprise to eacs. It is all so easy for an employee to click on a suspicious link in an email, unknowingly downloading malicious malware or code- or someone just ignoring security policy that is in place because it makes it easier for them to do their work! Then there are the genuine mistakes where emails pretend to be legitimate but their purpose is to steal valuable information.
The Deliberate Insider threat is more difficult to monitor- but it is there. A disgruntled former employee can steal data and destroy networks by injecting malware or a logic bomb in corporate computers. Here at eacs we believe that businesses must create an effective insider threat programme that incorporate technology controls with strong risk management plans but focusses on educating employees.
Security is THE most important consideration for business now- take our free assessment to understand where you are today, or call us on 0800 8047 256 for a confidential discussion about how eacs can help you become safer.