Our use of email has mushroomed to the point where it pretty much inconceivable to run many businesses without it. The number and size of attachments has also grown very significantly. This openness and our enthusiasm for email, while it can make life easier and improves productivity, has many disadvantages. One of the main ones is the greater difficulty we have in protecting the confidentiality of information. The opportunities for unauthorised viewing of data, data theft and data leakage have increased tremendously and organisations are now having to look urgently at managing this problem.
What data is at risk?
The increased standardisation on IP can mean that all confidential data which is held on a network is at risk and needs to be protected from unauthorised access, both inside and outside an organisation. Internally, there are risks from employees and skilled IT staff. It may be non-malicious, with people wanting to find out other people’s salaries. Or it may be staff accessing confidential company data, including personnel files, company plans and financial information. It could also be malicious, such as viewing and stealing customer information or company confidential information (e.g. research) to pass on to others. It may be employees who feel the need, for whatever reason, to leak company or government information.
Employees can also inadvertently expose confidential data to the outside world through the use of unprotected wireless, unprotected remote access or careless laptop use. Valuable sales information, for example, could be seen by competitors. Confidential information about customers or the public could be leaked. The large number of high profile cases of data leakage highlights this problem. Interestingly as mobile and remote workers increasingly store highly confidential personal information, such as passwords and bank details on company equipment, they are also at significant personal risk.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.