Attackers Can Come In Many Forms – Some Might Be Right Next To You

Many organizations fear the worst that they might be next on the list of data breaches that have been sprouting across the world. Many will take precautions and seek external expertise to safe guard their sensitive data. But while you are bracing and protecting yourself from external threats you might be overlooking other threats, ones that you least expected.

Did you know that based on a survey conducted by SailPoint, one in seven employees admit they would sell passwords to outsiders for as little as $150. That’s a small price to pay for a thief trying to gain a competitive edge. These stats are alarming as one would not suspect for an employee to conduct criminal behavior against their own company for some a small price.

Even if the intent is not criminal behavior, but simply put “human error”, as Humayun Wahab has mentioned in his blog negligence or human error is the primary root cause of data breaches. Forty percent of incidents involve a negligent employee or contractor (human factor), that’s two percent more than incidents involving a malicious or criminal attack.

According to SailPoint, poor password controls are causing huge security vulnerabilities across larger companies, and putting corporate resources and customer data at risk. Some of the poor passwords management areas were sharing passwords with other employees, which can give unauthorized access to sensitive information. And the more people know the password to this sensitive information the more room there is for human error. Keep your passwords where they belong, in your head.

Another example of human error is using the same password across multiple accounts, making you vulnerable to attacks, as it is easier for the hacker to access various information distributed amongst many accounts. There are many ways employees can ensure properly management of their passwords, look to our previous blog “Weak Passwords” for some helpful tips.

Previous Post
Medical Fraud Is More Than Just a Breach
Next Post
Healthcare Data Breaches – Same Wood, Different Tree