Corporate IT Security Policies for Today's Connected Workforce
06 Aug 2013
As well as the targeted attacks used by cybercriminals to penetrate corporate networks, there is another potential threat facing every company: employees. Deliberately or accidentally, they can be responsible for the disclosure of confidential information or copyright infringement, which in turn may lead to litigation. Kaspersky Lab experts have already written about incidents like this and offered advice on how to secure your company.
Employees who send work-related emails to personal email accounts, download illegal content or use pirated software on their work computers are often unaware that such activities could damage their company’s reputation. For instance, in one case an employee stored copies of several corporate documents in his email account, and they were subsequently leaked onto the Internet. When IT security specialists investigated the incident, they found spyware on the employee’s personal computer that logged information entered via his keyboard, including email account credentials. With access to the employee’s email account, the cybercriminals were able to find the corporate documents and steal them.
In another incident, an employee brought his laptop from home and connected it to the company’s local network. The laptop had a BitTorrent client installed, which the employee used to download software, including pirated applications, for personal use. Three months later, law enforcement officers arrived at the company’s offices with a search warrant. They suspected the company of a copyright violation for using pirated software. The company ended up having to pay a fine.
There are several simple technologies that, in combination with security policies, can help prevent most of these kinds of incidents. In the cases described above, corporate networks were the channels through which confidential data was disclosed and pirated software was downloaded. Therefore, the first step should be to restrict employee access to online resources that may pose a threat to the company, and to block the use of data ports and protocols except those needed for their work. To restrict employees’ use of applications, the “Default block” policy should be enabled, which permits only software authorized by the company’s IT security specialists; this protects the company from both malicious and pirated software. Lastly, file encryption technologies should be used to ensure the confidentiality and integrity of corporate documents. Even if cybercriminals do gain access to corporate documents, they won’t be able to read their contents.
“As well as identifying and preventing incidents with the help of a variety of technologies, IT security specialists should remember to use administrative measures,” says Kaspersky Lab malware expert Kirill Kruglov. “Users should know what is permitted and what is prohibited by the security policies in place, and be aware of the potential consequences of abusing regulations.”
The complete version of Kirill’s article is available at securelist.com