IT Data Theft is Often an Inside Job

IT Data Theft is Often an Inside Job

Posted by Dallas IT Solutions at *

by Timothy Justice

As computers become more advanced, the security threats to the data on the computers becomes more real. The encryption standards that were considered state of the art 10 years ago are now vulnerable to rather weak software exploits, and traditional passwords can be compromised in less than five minutes by rather unsophisticated, easy to obtain software. For obvious reasons, I’m not going to tell you how to FIND that software, but it is 1) out there, and 2) completely legal.

But it is not these pieces of software that you need to fear. Any network administrator worth his/her salt is well aware of the presence of these programs and has taken steps to protect their computer network from attack using these exploits. Hacking into a network in this computer age is not a matter of connecting directly to the target computer; security is implemented in layers, and finding the presence of a computer on the network is only the first piece in a rather large, complicated puzzle. And these layers will not be set up the same way; getting through one hole doesn’t mean you will get through the next.

The biggest threat to a company’s data is actually a rogue employee within the company. Getting in from the outside often means navigating a complex maze of firewalls, encryption, password protection and other security methods. And it means doing it quickly; once an attack is detected, the network administrator can and often does slam the door on the intruder, leaving them not only holding the bag, but needing to find another way in, as that vulnerability will quickly be patched.

A company employee has already achieved the first task in compromising a network: gaining access. Because they already have permissions on the network and are inside the DMZ, employees do not have to navigate the outside layers of security. The information, once gathered, can be passed outside the network rather quickly.

A well prepared network administrator knows this, however, and should have constructed the network to minimize the damage that can be done by individual employees, and to ensure that any employee who does manage to compromise the network can be quickly tracked. This is the main reason many companies monitor computer usage; they’re less concerned about you watching YouTube than they are about your potential use of the Internet to remove proprietary and confidential information from their network.

As an employee, you should be aware that anything done on your user account will be traced back to you. For this reason, you should lock your computer if you will be away for even 5 minutes, and log off every time you leave for the day. An open computer is an invitation to a would be cracker, just as an open door or window is an invitation to a would be burglar.

For more information on securing your network, call Tech Central at 972.996.6650