Internal Security Threats

Great Essays
We’ve all heard the warnings, “Hackers are everywhere, arm yourselves with the right security to protect your information.”, and hopefully you are not one of the millions that have had their identity stolen. Imagine being in charge of a multibillion-dollar company, and it is your responsibility to make sure that every customers transaction that passes through the system is secure against attacks. That is a pretty big feat, but in today’s world it is a necessary evil that has become one of the biggest concerns faced by corporations. Accountability, in a security sense, is a set of goals that place emphasis on how a company will handle and protect themselves from a security breach. Many companies in the past, have learned hard lessons …show more content…
Policies should be constantly updated and gone over with employees to ensure they understand them. Ensuring that employees are not taking pertinent information to outside sources whether intentional or unintentionally is of other concern for the manager. Keeping security issues a very serious matter is important for the manager to reiterate to the employees, as are the repercussion that they may face if rules are broken. Some examples of real world internal threats are 1. Employees sharing login information 2. Watch, manage, and protect access to the internal network used by employees. Often times, many employees will share their login information with other co-workers who are having a difficult time logging into the system, or they simply have forgotten their own login information. As a manager, this is a practice that needs to be stopped immediately. This is how many employees with the wrong intentions can login under another employee ID and commit fraud or steal customer information. It is also important to remember that everyone has different access to certain areas within the system, meaning one employee may not have access to payroll, but the other does. This can open the flood gates for a serious internal attack. The second example of watching, managing, and protecting access is closely related to the protection …show more content…
What this means is that the company is taking every precaution to have the right people on the job when it comes to security as well as the most up-to-date security systems available. A breach may happen, but knowing that your company has done everything to protect against an attack should allow some peace of mind. Two ways that resource allocation translates into the workplace are: 1. Adding further encryption to already secure sites. 2. Supplementing with additional security teams to monitor around the clock vulnerabilities to the site. Adding additional encryption may seem like a strange thing to do if it is already existing on your site, but it is always better to be safe than sorry. Extra layers of firewalls will aid in the fight against hackers, and save the company money in the future having to defend themselves legally (Schiff, 2016). Having and extra set of eyes in regards to security is the way to go when monitoring the day to day operations of the business. About a week ago Amazon’s security team monitored what would be considered a threat to customer accounts, and sent those customers an email requesting them to reset their passwords. The problem was that these customers were using old passwords that they had used in the past, and hackers had gotten their hands on the list, putting the customer information at risk of a breach (Spadafora, 2016).

Related Documents

  • Superior Essays

    Cyber Attack Case Study

    • 956 Words
    • 4 Pages

    Once the critical business information is identified, a planned response needs to be identified as to how to protect that information. The protection plan may begin with the Information Technology (IT) Department with software but essentially it is individual responsibility of how the information is kept safe. Information is always vulnerable and people are looking to find ways to gain access. By having checks in place, if a hack does occur, the violation can be detected sooner and planning continues to prevent future attacks from happening again by devising a deflect plan, and how to go about defending in the future. Firewalls are put in place to keep individuals from hacking into the database at the place of my employment.…

    • 956 Words
    • 4 Pages
    Superior Essays
  • Improved Essays

    Honestly speaking, a typical hacker might be very good both in “black hat” and “white hat” techniques. The main difference between these people is what they want to achieve with their skills. For instance, you might be learning these techniques just because you want to build a secure environment for your worker, and in that case, all your focus will be how to block all vulnerabilities that you…

    • 803 Words
    • 4 Pages
    Improved Essays
  • Improved Essays

    The most obvious option would be to train every employee and manager about the best security practices and ensure compliance with protocols throughout the organization. This however would do very little without good security policy and guidelines. Hiring or contracting security consultants would be the best way to ensure that the best industry standards are being set, and then an informed managerial staff could reasonably follow and create good security strategies. Another possible avenue for improvement would be to remove many of the older technologies that are more risky. While this may make the employee’s life’s more difficult or tedious as well as being costly, the customer’s data and trust are at stake.…

    • 780 Words
    • 4 Pages
    Improved Essays
  • Improved Essays

    To protect my company assets from cyber threats/attacks many things must be taken into consideration because there is always a deeper internal issue in what we believe is secure. Risk assessment and risk management are both very important parts of planning to create a safe, secure work environment to protect my employees and company both on the inside and outside of the company. I would assure that my company conducts a risk assessment periodically. This helps to see what has failed in the past versus what improvements and corrective actions have been made to present day. Comparing and contrasting the effects of failures also helps to determine if the current improvement fall into the same category.…

    • 700 Words
    • 3 Pages
    Improved Essays
  • Great Essays

    With a large employee base at Edu Corp, just one employee could jeopardize the security of the company by partaking in a scam or fraudulent activity. At Edu Corp, we strive to inform our employees and customers about the risks and types of scams and fraud, while protecting our digital…

    • 1577 Words
    • 7 Pages
    Great Essays
  • Improved Essays

    There is a subtle difference between security and protection, we will perceive that both of them are extremely close concepts but still not the same. Protection is assured if one has all the necessary security measures as security itself is a type of protection to all the external hazards. Information is a treasure which is immensely worthy to an organization and thus it needs to be protected firmly. It is easy to corrupt, lose and steal thus the measures needed or taken to secure them from irrelevant entries are mentioned as Information Security. The significant step taken by most of the Organizations or firms recently is the use of ethical hacking process or techniques to evaluate the success or failure of their current security measures.…

    • 1032 Words
    • 5 Pages
    Improved Essays
  • Decent Essays

    That means If the employee does not know what to do if a crisis happened, then they must contact Human Resources for assistance. Otherwise, the employees will lose their job. Password System Even though the system is not always secure, older passwords are preserved and are expected to remain programmed inside the system. Be sure not to create weak passwords that begins with your name, family member, or a pet because hacker can break into the system by any means necessary. Protecting electronic and non-electronic…

    • 428 Words
    • 2 Pages
    Decent Essays
  • Improved Essays

    Large companies in particular have to be vigilant when it comes to cyber-crime because of the size and volume of information that is being held there. Organizations must take steps to protect themselves against internal and external crimes. Most companies believe that their information is secure but the truth of the matter is that it is not (Calder, A., 2008). No matter how confident a company is there will always be someone out there that has more knowhow about computers that will be able to hack a system and steal information from honest hard working people. Companies will use malware, spyware and firewall software programs to keep their information safe preventing from loss of…

    • 731 Words
    • 3 Pages
    Improved Essays
  • Improved Essays

    IT security threats and cryptography 7/A. P1: Explain the different security threats that can affect the IT systems of originations. 7/A.M1: Assess the impact that IT security threats can have on organization's IT systems and business whilst taking account of the principles of information security and legal requirements In today's society data is a very valuable thing companies have to take in to account how to protect that data from the threats, Threats is a way in which the data is vulnerable and therefore rules and regulations have been put in place to stop these potential threats for example all will have adhere to the principles of information security this is a way in which data is protected, I have been working for a start-up company…

    • 1332 Words
    • 6 Pages
    Improved Essays
  • Improved Essays

    Employers have many legal rights that most of them are not aware of (Workplace, 2015). Lawsuits can arise because of simple posts from employees while at the workplace. There have been many situations that have occurred because of what employees believe to be harmless. Social media can be very sensitive at times and the wrong wording of a post could leave a company liable (Workplace, 2015). Employers need to be motivated to ensure the safety of their companies.…

    • 1691 Words
    • 7 Pages
    Improved Essays