Some of the biggest and best targets hackers choose are company accounts. HR departments of many companies, for example, are often very conservative in their approach to change making them particularly vulnerable to cyber attacks. They often have the oldest systems with the weakest security. The following are five of the biggest gaps in company security. Taking measures to close these gaps could go a long way in protecting the precious and sensitive data many of them have.
1. Manual Payroll Systems
The primary vulnerability is manual processing of the payroll accounts, which are often done using spreadsheets and programs like Excel. This security problem is especially prevalent in international payment processing. Even when the accounts are well protected, the manual aspect leaves them vulnerable to the biggest risk of all – the human factor.Automating payroll is an idea whose time has come. It is cheaper than employing a staff of workers and it keeps data safe from phishing schemes and other ploys that target people’s behavior rather than system security.
2. Sending Sensitive Data by E-Mail
Email has been one of the most useful tools in the history of technology, judging by the sheer number of people to use it daily. It has withstood challenges from numerous other communications tools and remained as strong as ever. Naturally, it is also one of the biggest targets for cyber criminals.These kinds of attacks will continue as long as companies continue to allow sensitive information to be sent through channels as ubiquitous as email. Again, just as with manual payroll, even if the emails are secure, everyone remains vulnerable to dummy accounts. After all, who has time to check for irregularities on every email they get from a seemingly trusted source.
3. Keeping Proprietary Information on USB Sticks
The advent of the “disk on key” has made life easier for people who wish to transfer large files between computers or to take files home with them. But the files on USB flash drives rarely have any protection, and if the disk is lost or stolen, there is nothing to prevent other people from gaining access to proprietary material. That’s why the best defense against this type of security breach is simply to avoid ever putting sensitive information on portable disks. Once the files are lost, there is no way to bring them back or keep them from being spread if people who steal or find them choose to do that.Be safe. Keep important information only on secure servers accessible only be those who have been approved by the company.
4. Delays in Installing Security Updates
Even the best security systems send out periodic updates. These are often patches that cover vulnerabilities that have been discovered. If the company is a way of vulnerability, it is only a matter of time before the hackers find them as well. So it’s vital to install the patch as quickly as possible.
5. Leaving Documents Unattended
One of the most common practices that expose business documents to possible security breaches takes place virtually every day at many offices. It consists of leaving private documents unattended at workstations, on open computer screens, and especially at printers.Companies must combat this practice, as natural as it may be to the workers, by setting strict office policies against leaving documents unattended. There must be a rule that any document has to be put away to a safe place whenever a worker leaves his or her desk. The policy must also extend to the disposal of confidential documents. They must be shredded in order to avoid theft after they have been thrown out and assumed to have been disposed.
Article By – Harshita C. Jadhav