Internal and External Risks to Security in Organizations

The most devastating attack that a company can suffer would come from the inside rather than from the outside. Employees are the most likely targets, and the person involved can even be a janitor who has access to the majority of the rooms in the building. One of the most important things that I have learned in security through this lesson is that there are different types of security layers we must take into consideration. Applying more security physically and applying it logically are two different things. For example, at the physical layer it is essential to watch for people going to places they are not supposed to be, because otherwise you do not know who did what. Installing a CCTV system is one of the measures taken to prevent security issues at the physical level. Other preventive measures include putting a lock on the server room door so that only people who have been granted access can enter, shutting down network ports that are not in use, and setting up your PC to prevent USB drive usage.

When it comes to logical-level security, one of the biggest things to keep in mind is protecting passwords from being used by intruders. The first thing that security experts should look into is the basic, fundamental security practices that engineers follow. Examples are shutting down unnecessary network ports that are open to the outside world and putting a basic cybersecurity policy in place. Different proactive measures should also be put in place, such as LDAP authentication with an Active Directory server and defining how users authenticate to access the data they need. It is widely recommended to change passwords on a regular basis, with a minimum requirement for the combination of characters used. The next biggest problem is people using their own devices, such as cell phones, which is another security concern for many in the modern world. Every manager would know that there would only be an adverse outcome from asking people not to bring their cell phones to work. Some of the security measures we can use are asking users to connect to a Wi-Fi network that is designated only for guest use and creating a network that is completely separated from production.
