A Security Threat Related To Employee Behavior
Internet access is a vital resource for your business, but it may also be a major susceptibility point. Inappropriate behavior by members of your staff may expose your network to security threat and/or bring with it some legal liability. Worse still, this can impair both your system performance and productivity. A recent study found that employees spend over 200 hours yearly surfing non-work-related sites. Furthermore, not only do these employees spend half of their surfing activities on personal sites, but a shocking three quarters of all pornographic media, illegal software, video and music downloads plus other personal materials are actually downloaded during work hours.
Threats from Young Employees
Young employees are always enthusiastic about technology and tend to use the internet and other computing resources more often. According to Cisco’s study of young professionals and college students, a whopping 62 percent of young employees felt that internet was an integral part of their life; it would be hard to live without it. Surprisingly, 32 percent of young employees group the internet with other essential commodities in life such as food, shelter, water, air and clothing. However, this deep fascination with technology has not resulted in the appreciation of responsible technology use.
This desire to get online and even to use more advanced computing devices always surpass their willingness to adhere to the company’s technology rules, regulations and best practices. According to the same study 70 percent of the young employees are very much aware of their company’s IT policies, but still violate them.
Integrating young employees into the company’s labor pool is essential and in order to boost their morale and productivity, the workers access to internet, personal devices and social media may also be necessary. Therefore, the management just needs to learn how to deal with the security threat posed by the use of these vital resources.
Sources of Security Threats
Employees’ behaviors which sometimes pose security threats to the company’s system are not usually malicious in nature. Sometimes they just result from their regular activities in order to have the job done. However, some are as a result of, knowingly or ignorantly, violating company IT rules.
The major employee behavior which may threaten the security of the organization system include: unauthorized content copying to external storage devices, use of personal devices for office work, downloading illegal media, peer to peer file sharing, scoundrel wireless access points, remote access software.
They pose threat mainly through lose of valuable information and in some cases legal liability. The internet, especial access to some malicious sites, may be used by hackers to find a gateway into the company’s system stealing the data or corrupting it. Portable external devices as well as personal computing gadgets may transfer malware into the company’s system hence corrupting the data. Moreover, the company data stored in these personal gadgets may be stolen by malicious people and used to harm the company. Legal liability associated with illegal downloads is however well understood by everyone including the employees themselves.
Managing These Security Threats
- Apply content-filtering to prevent access or download of unwanted content.
- A reduction in recreational surfing like excessive use of social media. Blocking of some social sites like facebook, twitter and the rest.
- Securing your network from internet based threats. This can be done through use of powerful firewalls, and internet security software.
- Limiting the legal liability by banning illegal file download in the office.
- Clearly communicating the company’s IT policies to all employs.
- Install and frequently update anti-malware and other security software on all laptops, PCs, modems, smart phones and other gadgets that connect to the network.
- Constantly enforce the company’s IT rules and provide feedback.
- Educate all temporary workers and employees on the importance of good IT use, the risk associated with misuse of IT and its impacts.
- Tuning the system to optimize performance.
- Blocking of specific file types (like torrents) and some specific URLs from the company’s network.
- Provide real-time scanning of the network traffic which impact device performance.