This page contains a Flash digital edition of a book.
IP SECURITY & ACCESS CONTROL


How the Edward Snowden effect changes everything Securing businesses from within By Francois Amigorena, CEO, IS Decisions


IP security is important to any business and increasingly organisations are coming to understand that access control is a large part of ensuring that security. This has especially been the case


since Edward Snowden made headlines by convincing his colleagues to share passwords so that he could gain access to classified files.


By disclosing some 200,000 highly


Francois Amigorena explains how the former NSA whistleblower has changed the security landscape….


confidential National Security Agency documents his actions have ensured that businesses are more aware of the threat from within. But whilst awareness is growing, it is doing so relatively slowly. According to IS Decisions’ research


there are still more than 1,190 internal security breaches occurring in UK businesses each day. However, our report - `The Insider


Threat Security Manifesto: Beating the threat from within’ - shows only one in four UK IT professionals consider insider threats to be in their top three security priorities. Instead they are more


concerned about threats from viruses (67 per cent), data loss (47 per cent) and hacking (also 47 per cent). In our opinion, IT professionals


are failing to consider their own staff and colleagues as a serious threat. It’s almost ironic that they should be more concerned about data loss, as the most common way for an organisation to leak data is via an employee. The reality is that more often than


not, the greatest risk to any organisation comes from within. The unhappy employee, or rogue insider who will go to any length to gain access to the organisation’s crown jewels and share the sensitive data.


The Snowden effect Although Snowden’s actions last year were to put an entirely different data security issue on the international media agenda, he inadvertently highlighted insider threats too. However, Snowden clearly undertook


his actions with specific intent, and the trends tend to be that malicious employees are the exception rather than the rule. Ignorant users are in fact a much more common source of data breach, and represent the greatest concern for IT professionals. Snowden did not use any complex


IT know how or hacking techniques to gain access to files he should not have done, he simply asked colleagues for their passwords, socially engineering a situation in which they were willing to share sensitive information with him. This openness to sharing passwords


is the biggest area of weakness in organisations when it comes to insider threats. In terms of the reasons for this


prolific violation of security policy, IT professionals estimate one in four employees are most likely to share passwords simply when a colleague asks for it, which shows the problem does not just lie in technology but is a behavioural one too.


Security: no longer for techies... 30 NETCOMMS europe Volume IV Issue 3 2014 www.netcommseurope.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44