5 Biggest IT Security Risks in Companies

Aug 7, 2018 | Security |

Any company requires a certain amount of security for protection of employees, sensitive data, assets and information. However, no security is airtight, and there are always some areas of high risk that may compromise the security of the company.

1. Disgruntled employees

Disgruntled employees, especially those within the IT sector and those that have good knowledge and understanding of the systems and processes of the company are a high security risk.

Just a few years ago, Edward Snowden, an analyst of the National Security Agency of the USA leaked highly sensitive documents and information because he was not satisfied about how the firm was operating.

It is very important to revoke access permissions and to log any access or downloads done by the employees. If anyone is removed from employment, adequate steps must be taken so that they cannot access any of the companies data anymore.

2. Internet of Things

The Internet of Things (IoT) is a very useful and highly potentialed development in the field of communications. But due to the fact that it is a new development, the vulnerabilities are not fully known.

 In 2017, a North American casino had highly sensitive information stolen. The hackers got access to the network through a fish tank that was connected to the internet for temperature regulation.  

It is generally recommended that separate IoT networks be established for essential and non-essential tasks, which greatly reduces the overall vulnerability of the system.

3. Server rooms

You can have state-of-the-art IT security, but if your main servers are physically vulnerable or easily accessed, then it has no point. Physical vulnerabilities in systems should be addressed adequately, lest they open a weakness that can be exploited to harm the company.

Server rooms should have proper access controls, and any access should be logged. Unauthorized attempts for access should result in red alerts. Additionally they should also be kept in a separate safe and secure room.

4. Careless or uninformed employees

Careless or uninformed employees are just as dangerous as disgruntled ones. The only difference between them is that the careless ones do not know the consequences of their action.

For example, it came to light during the US Presidential elections that Hillary Clinton used unsecured servers for sending emails, which became the subject of an FBI probe.

Employees that do not use proper passwords, are careless with sensitive company information, or are not aware about proper security procedures are a huge risk to the company.

To circumvent this, each employee must be informed about the proper procedures. Additionally, it is also a good idea to conduct periodic security reviews of employees to check whether they are in compliance with the protocol or not.

5. Outdated software usage

Software upgrades may take time, and may be costly, but they can make all the difference between a secure company and an unsecured one. Technology is evolving at a rapid pace, and with advances in technologies, the older ones become more and more vulnerable.

In May of 2017, the WannaCry ransomware infected over 200 thousand computers in 150 countries, holding their data hostage for cash. It exploited a vulnerability in the Windows XP operating system, which was outdated and no longer recommended.

It is a good idea to be up with the times with respect to system updates, since one update can be the difference between a vulnerable or secure system.

The best security for your company

Our security personnel are recruited, vetted and trained in-house, and are all SIA certified. We provide you with a variety of security options, and plans that can be designed according to your need, so that you can focus on running your company while we take care of your security for you.

Give us a call on (0161) 724 8999 (option 1) or email us at enquiries@innovatefm.co.uk for more information.