Security: Protect Your Company From Inside Threats
In this era of security breaches made public, you can’t be too careful when it comes to protecting your company’s sensitive data. Sure, you may be trying to secure your company’s data against external sources, but are you doing anything to protect that data from internal threats? Computer Associates, an IT management software provider, offers the following “do’s and don’ts” to keep sensitive data safe from potential disastrous inside threats.
1. DO ensure that former employee and contractor accounts are deleted or disabled promptly. Your IT and HR departments should coordinate efforts to keep old accounts from accessing sensitive company information.
2. DON’T allow IT staff to use a shared system administrator password. System administration privileges should be assigned to specific individuals. This makes it much easier to track actions taken using system administration accounts.
3. DO make sure to train employees on security policies. It’s especially important that employees understand why individual policies are in place. Make sure, for example, that they understand why passwords shouldn’t be written down or shared between employees.
4. DON’T burden your employees with complex security practices. Security practices need to be complex enough to protect your systems and data, but simple enough for employees to follow. Complicated practices such as multiple passwords to access a single system will lead your employees to find ways to circumvent these harsh practices.
Computer Associates may be reached at (888) 423-1000.