|
|
 |
 |
 Events
Jobs
Premium Services
Media Kit
Network Map
E-mail Offers
Vendor Solutions
Webcasts
|
|
|
[
Home | Discussion Forum | How Do I... |
Lotus Notes Intranets |
Microsoft SharePoint |
Products |
Shopping
]
Five Tips to Protect Yourself Against Your Employees
James Maguire
3/28/2007
3) Access control and monitoring Okay, you’ve got your policy, but is it being followed? “More importantly, there are industry regulations that require you to demonstrate compliance,” Solanki says. An airtight security infrastructure will block access, and it will also record the user, the time, and attach the document that he or she is trying to print. Solanki describes this process with a tone of satisfaction right out of an episode of TV show CSI: “forensic evidence.” This policy can be tighter still for employees who management identify as “at risk,” or who are about to leave the company. For these workers, some companies set up a system that records every single contact this individual has with sensitive data. “It can be done in a quiet mode, or in a more visible way that prevents the employee from doing it, and it pops up a screen,” he says. 4) Monitor and prevent installation and usage of unauthorized applications “One of the biggest threats is that when I go to visit a seemingly innocent Web site, behind the scenes a keylogger is being installed on my laptop – that is the No. 1 issue today,” Solanki says. This keylogger allows a hacker to perpetrate identity theft by stealing all of an individual’s passwords. “The identity theft business has gotten so sophisticated that if I wanted to rent a botnet – an army of infected machines – I can do that for a dollar a day per PC,” Solanki says. Safeguarding against authorized apps includes building a tough line of defense on the front lines: all your workers’ PCs must have tough anti-virus and anti-spyware, and ironclad technologies to prevent the installation of a botnet app. 5) Educate and train your staff Companies have wide latitude in terms of how they enlist their workers in security efforts. The stringency of these effort can range from a pop-up that informs users they’re breaking company policy (which Solanki notes that many users ignore) to iron-wall pop-ups that block action. To be sure, staff training is urgently needed in battling security threats. For example, many security administrators were aghast that employees kept opening emails whose subject line was “I Love You” – long after it was identified as part of a massive virus attack. Clearly, employees represent a loose link – maybe the loose link – in the security chain. This article first appeared on Datamation.com.
| |||||||||||||||||||||||||||||||||||||||||
Intranet Journal's Tutorials |
|
Managing Editor |
The Network for Technology Professionals
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers
|
Video: How System Center Helps Reduce IT Costs IBM Cloud Computing for Developers Virtual Event, April 6-8 |
Microsoft Video: OCS and Exchange: Platform Futures MORE WEBCASTS, PODCASTS, AND VIDEOS |
