The looming threat of redundancies resulting from the recession has highlighted a surge of high-profile internal data thefts. Both in the UK and overseas, the media has regularly reported instances of inappropriate access to sensitive company data. For example, in the US, at the California Water Services Company, an auditor resigned but illegally accessed computer systems to steal more than $9 million before leaving. These cases, whilst ethically unjust, also highlight data protection concerns. If organisations do not have visibility over who is accessing confidential data, they risk losing not only their critical data but also their reputations and, as a result, their customers. Unfortunately, this is just one saga in an ever-growing litany of breaches that we have been hearing about.
Symantec’s research with the Ponemon Institute has in fact suggested that 59 percent of ex-employees have admitted to stealing confidential company information, such as customer contact lists. This outstandingly high number encourages us to consider how such thefts and security risks can be prevented going forward. Did all of these employees really need access to such valuable data? If not, senior executives should be addressing their access management policies and ensuring that they have visibility over what data is being accessed, by whom, and why. Without this control, businesses leave themselves at risk from existing staff, staff who may soon be made redundant, and people who have previously been part of the organisation. In order to protect themselves, organisations can use basic access security tools such as the coupling of Strong Authentication and Single Sign-On (SSO), which authenticates and then tracks each user’s access. This gives managers visibility over access across their organisation and helps prevent inappropriate access from occurring.
Astonishingly, however, it is not uncommon for an employee to continue to have access to business applications even after their employment has been terminated. Many organisations simply neglect to close down access, and consequently user identities are left open and vulnerable for an unjustifiably long period of time. As organisations look to host more and more of their applications through web-based systems, they may not even know that a former employee still holds access rights to some of those applications. All this time, the ex-employee is able to access sensitive and competitively valuable information. This unnecessary risk exposes businesses to tangible damage, which can be easily avoided by the speedy deactivation of the user’s access.
In order to avoid such mistakes, businesses should ensure full visibility over access records, employee access rights, and accounts that need to be removed. Deactivating orphaned account access is a critical first step towards comprehensive enterprise security. It is crucial that businesses can track which employees have access to specific systems and, when employees leave, that they are able to quickly deactivate that access. Without this fundamental level of access management, businesses are unable to maintain basic control over their most valuable business asset: their company’s data.
Whilst locking down accounts is a critical step to take following any termination of contract, it is equally important to manage access efficiently during employment. When setting access levels for existing employees, it is crucial to allow users access to the information required to perform their job function, but at the least level of access possible. By fully tracking these privilege levels with tools such as SSO, senior executives can take steps to ensure access issues are not overlooked, and control over who may be accessing what, and when, is maintained.
Setting basic access control is simple. It is advisable to start by getting a handle on which users need access to what information. By first analysing what access users require to do their jobs, reasonable boundaries can be defined for access outside those defined roles. Enforcing these access rights is not as complex as it may sound. Technology such as Single Sign-On makes it quick and easy to enrol users and assign access rights, whilst using strong authentication such as biometrics can ensure that the right person is accessing the data they are authorised to see, thereby protecting sensitive data. In today’s market, keeping this information secure is more important than ever, not only for compliance and peace of mind, but also to protect the two key “R’s”: Revenue and Reputation.
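The access review described above, covering both orphaned accounts left behind by leavers and active users holding rights outside their defined role, as an added example that is not part of the original article. The HR roster, role definitions and application access list are constructed sample data, and the data structures are assumptions; a real implementation would read them from the HR system and the SSO or directory service.

```python
from datetime import date

# Constructed sample data (not from the article).
# Each role's approved entitlements, i.e. the least access needed for the job.
ROLE_ENTITLEMENTS = {
    "auditor": {"finance-reporting", "email"},
    "engineer": {"source-repo", "email"},
}

# HR roster: employee id -> (role, termination date or None if still employed).
HR_ROSTER = {
    "e100": ("auditor", None),
    "e101": ("auditor", date(2009, 3, 31)),   # has left the organisation
    "e102": ("engineer", None),
}

# What the SSO / application directory actually grants to each account.
APP_ACCESS = {
    "e100": {"finance-reporting", "email"},
    "e101": {"finance-reporting", "email", "payments"},  # still open after leaving
    "e102": {"source-repo", "email", "finance-reporting"},  # outside role
    "e999": {"email"},                                   # no HR record at all
}


def review_access(roster, access, roles, today):
    """Return (orphaned, excess).

    orphaned: account -> entitlements for accounts whose owner has left or
              who has no HR record; these should be deactivated immediately.
    excess:   account -> entitlements granted beyond the owner's role;
              these should be reviewed and removed (least privilege).
    """
    orphaned, excess = {}, {}
    for account, granted in access.items():
        record = roster.get(account)
        if record is None or (record[1] is not None and record[1] <= today):
            orphaned[account] = set(granted)
            continue
        role = record[0]
        extra = set(granted) - roles.get(role, set())
        if extra:
            excess[account] = extra
    return orphaned, excess


if __name__ == "__main__":
    orphaned, excess = review_access(HR_ROSTER, APP_ACCESS, ROLE_ENTITLEMENTS, date(2009, 6, 1))
    print("deactivate:", sorted(orphaned))
    print("review:", {k: sorted(v) for k, v in excess.items()})
```

Running the review on a schedule, and again as part of every leaver process, gives the visibility the article calls for: the first list is the deactivation queue and the second is the set of accounts whose rights exceed their role.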