5 Ways Your Employees Are Your Biggest Security Risk, And How To Stop It

Computer User Security

Monitoring an IT network should be an essential part of any routine business process, yet so many companies fail to make sure they do this properly. These days many businesses are struggling to balance internal security and giving their employees the tools and network access needed to get their jobs done properly. It is important to ensure there are measures in place to protect against loss, misuse and data alteration.

The risks of not monitoring a network are numerous. Failure to do so can correctly can lead to serious IT stability problems, as well as performance and reliability issues. A recent Forrester report showed network security is so important that businesses spent over a fifth of their total security budget on it last year. And, in Opsview’s Network Technologies and Budgets survey, almost 40% of those surveyed planned to invest in security in 2014.

Let’s take a look into how employees may unknowingly be your organisations biggest security risk and how monitoring your infrastructure can assist with keeping your company’s internal data safe and secure.

1. Data Security

There are a number of things your employees could be inadvertently doing that put your business at risk, including putting sensitive data into places where your IT department has no control over it (think Dropbox, Google Drive etc). There may be many reasons behind this, such as having connection issues to work email outside of the office, a general lack of monitoring of personal email and even keeping certain data to use at their next place of employment. This can lead to breaches of company policy and transference of company data without prior knowledge. Setting up an active monitoring system can detect a problem without the need to do needless digging. Being able to pinpoint and detect exactly where the problem is stemming from helps in identifying leaks, but also creating a more efficient and streamlined business process going forward.

2. BYOD (Bring Your Own Device)

With personal devices now being used to access corporate email, calendars, applications and data, many organisations are struggling with how to fully define the impact to their network security. Establishing acceptable procedures and support models that balance both their employees’ needs and their security concerns is becoming harder and harder for all IT departments. BYOD traffic can overwhelm a company’s network and bandwidth, so it’s important for employers to make sure that the increase is actually work related. IT monitoring can assist with a diverse array of BYODs by being pro-active rather than reactive. Finding a tool that integrates, is customisable and knows where to allocate your resources is invaluable.

3. Online Streaming

Functionally, there isn’t a big network security risk with streaming video or audio itself, but there are inherent risks with having the network open to allow the streaming. Small companies face as many challenges as larger ones in keeping employees in line and out of trouble. According to MIS Alliance – an IT solution provider – in companies a few hundred employees or less the biggest problems stem from the internet. Employees tend to use the web and download whatever may be of interest, be it a freeware screensaver, a new toolbar or a cute picture of a dog wearing a hat. Any download can of course carry a variety of malware along with it. Having a network analyser can help your organisation monitor your corporate network, giving detailed insight into both current and historical traffic flows. This allows hotspots to be quickly identified and resolved before impacting the network, as well as highlighting the biggest bandwidth users by host and by port.

4. Unauthorised Software

Businesses spend a lot of time administering their corporate networks, so the last thing they want is for it to become part of a botnet or other shameful scheme to attack other computers. Before you know it, various online services are blocking your IP addresses because you are a known source of spam which can really hinder connecting with potential customers. Then there’s the everyday virus problem that comes from unauthorised software downloaded and installed on an employee’s computer. Before you know it, you could have one or more workstations invaded by malware and passwords, e-mails, and other private information could be transmitted to a server in Timbuktu. Don’t let that happen.

5. Hacking/Unauthorised Network Access

Productivity is booming, but network-based collaboration introduces corporate data into a broader environment that is more vulnerable and difficult to protect. Data stored on the corporate network is at risk because it is more accessible than ever. Organisations must provide access to databases for information sharing, and storage and compression technology has allowed for more powerful (and risk-laden) endpoints. This makes it easier for employees, partners, or data thieves to access, move, or lose intellectual property and customer data. IT network monitoring enables businesses to identify and stop any user misuse of their technology. Insider threats continue to be prevalent in businesses, particularly when it comes to unauthorised access by employees to sensitive data they do not need for their job.

Are Employees Really The Ones To Blame?

Employees can do a lot of things, and tend to do some rather peculiar things at work. However, are they the ones to blame when it comes to security? IT departments need to recognise both the need of employees, and adapt to make their behaviour more efficient for business. This is why monitoring can help in recognising that behaviour, and pinpointing exactly where the problem lies, instead of building an unneeded fortress of solitude.

By using the right monitoring technology, businesses can see which users are doing what on the network. Dashboards provide a comprehensive view of any businesses IT infrastructure and can visualise complex data and monitor key business services all in one place as well as receive alerts on any behaviour that is classified as not safe and get early warning about IT issues which may impact on business as usual.

1509068_10154108428155227_5255422341359393546_n

Donna Toomey works within the Marketing Department for Opsview, a software company specialising in enterprise systems; monitoring software for physical, virtual, and cloud-based IT infrastructures.