In: Computer Science
You have been hired as a security consultant for a law firm. Which of the following constitutes the greatest source of security threats to the firm?
A) Wireless Network
B) Employees
C) Authentication procedures
D) Lack of data encryption
Answer). Option (B) Employees
Explaination of the answer :-
Their are many reasons of why employees are the biggest threat to the firm.
1.Lack of awareness
In many cases emplyees are unaware of what they should and shouldn't be doing.They may be unaware of devices being connected to an insecure Wi-Fi network or that they shouldn’t be storing customer details on a USB.Your employees may not be aware of the risks of using any device, work or personal, on an unsecured network. This could be the free Wi-Fi in the local café or on the train to a business meeting.These types of connections may not encrypt your data, meaning it could be intercepted and fall into the wrong hands. Where data is sent in an unencrypted format, such as plain text, you are allowing crooks access to potentially sensitive and valuable information.
2.Disgruntled Employees
Disgruntled employees can also share the information to the other i.e. to the opponent companies especially members of the IT team with knowledge of and access to networks, data centers and admin accounts, can cause serious damage to the firm.
3.Careless or Uninformed Employees
“A careless worker who forgets [his] unlocked iPhone in a taxi is as dangerous as a disgruntled user who maliciously leaks information to a competitor,” says Ray Potter, CEO, SafeLogic. Similarly, employees who are not trained in security best practices and have weak passwords, visit unauthorized websites and/or click on links in suspicious emails or open email attachments pose an enormous security threat to their employers’ systems and data.