Despite the numerous warnings that redundant and dissatisfied staff pose a security risk a significant number of companies are failing to protect themselves against internal threats.
The survey threw up a figure of 50% of the number of employers that did not view staff departures and the potential for data loss or theft as a problem. In addition 21% of those quizzed revealed they had no way of tracking critical data to pin down where it was at any given point in time.
Even last summer it was becoming clear that one of the main security threats was going to be the internal problem with staff taking out their frustration on the corporate network.
“Too much emphasis has historically been placed upon the need for anti-virus and anti-spam applications – external threats – and this has led to the common belief that with these, your network is secure enough,” said Walter Scott, CEO of GFI Software.
“With the economy prompting more and more redundancies, there are more disgruntled employees who pose a potential risk to an organisation’s data. Network administrators must pay more attention to access rights holders’ ability to copy, edit, delete or distribute data – this need is long overdue and is only more essential in current times,”he added.
Dave Ellis, director of e-security, professional services and training at ComputerLinks, said that the internal threats had always been there but had perhaps been a lot priority when things were going well but needed to be taken more seriously in a downturn.
He added that there was a clear role for resellers to take the message about internal security out to customers.