Your Employees are Your Most Important Security Feature, and Biggest Risk

Here’s a question: on a scale of one to ten, how confident are you that your employees are acting in the best interests of your organization’s network security? How confident are you that you’re setting a good example when it comes to handling your business’ security? Unfortunately, any confidence you have on this matter may be misplaced.

Nobody likes to think that an employee would (or could) be deliberately responsible for a network security breach. However, a recent study revealed that 95 percent of surveyed businesses have employees who were actively involved in undermining the security measures the organizations had put in place. The same report stated that:

• 60 percent of attacks can, in some part, be linked to a company insider.
• 68 percent of which are the result of employee negligence.
• 22 percent are the result of intentional malicious activity from a company insider.
• 10 percent come about as a result of credential theft.

Studied workforces also found that negligent behavior included the common misuse of company resources to access inappropriate content. 59 percent of those organizations surveyed had employees using the network to access adult-themed websites and 43 percent reported trends of employees using the network to engage in online gambling activities.

It isn’t as though these networks were left unprotected, either. One of the companies covered in this survey discovered that in order to bypass their company’s network restrictions, one of their employees had simply done an online search for “how to bypass network proxy” and run through the results until they discovered one that effectively rendered the company’s network controls ineffective.

On a related note, a lot of the most effective means of attacking a business has been proven to be targeting one of its employees in what is known as social engineering. An untrained employee may not recognize the warning signs of such an attack, assuming they were even aware of the risks in the first place.

Taking all of these facts and figures into account, one thing becomes clear: your employees are your first and last line of defense when it comes to your cybersecurity. As such, it is crucial that they are not only fully educated in the terms and warning signs that accompany a breach, but are made aware of the procedures you have in place to protect your business and why these procedures are so important to follow to the letter.

Directive can help you improve upon your cybersecurity as it stands. We are available to help ease your workforce into the transition. Our network security strategies and solutions can help your organization comply with industry best practices; and, we can help implement controls to prevent your employees from allowing their personal activities from interfering with their workday productivity. Give us a call at 607.433.2200 for more information.