Whichever way one looks at network and data security, one of the most critical security vulnerabilities facing small and medium-sized businesses is human behavior.
Human beings and their actions within an organization are often overlooked when administrators are handling the security of their network and their most important asset, data.
IT administrators in SMEs are often overworked and required to do tasks that an administrator in a large business would never dream of doing. Although they make every effort to secure the network and the organization’s lifeblood, their efforts very often do not adequately cover the weakest link: those who use the system and have access to the data.
And this is a major problem because many security breaches occur not because the system was hacked by external sources but simply because an employee did something that compromised the IT administrator’s efforts to protect the network.
This is why it is so important that administrators pay close attention to those who are allowed to access the network and what they are allowed to do with it. Unfortunately, where human behavior is concerned, basic security steps are often neglected or not given enough attention. Here are a few:
1. Failure to implement the principle of least privilege
Giving administrator rights on employee machines, or full, unaccountable access to all data at the share and file level, is a serious security risk. While least privilege is the best course of action, it is not always possible, because limitations in the system will then be your worst enemy (and administrators already have enough on their plate). For example, Windows XP with least privilege implemented is a nightmare to administer and use.
2. Controlling the use of portable devices on the network
Endpoint security is often overlooked by administrators who fail to realize that the USB sticks or iPods employees bring to work every day are a perfect tool to copy data to or from the network. In a worst-case scenario, a ‘trusted’ but ‘disgruntled’ employee can bypass encryption, copy huge amounts of data or upload malicious software, effectively bringing the network down or deleting important data.