Skip to main content

Internal Threat

In today's world, it is the internal employee and other internal threats that are the biggest security concerns for any organization. There are a lot of measures to ensure that one is well protected from the external threat but most companies do not concentrate that much on the internal threats.

Follow the best practices for to mitigate internal risks. A few of my suggestions:
 
  • Have a well defined Internal Risk Assessment Program and Group.
     
  • Ensure that you empower this group with the powers to take corrective measures against errant employees and also that the top management toes the line too.
     
  • Conduct periodic internal risk audits. It would be better if these audits are sudden in nature.
     
  • Ensure that all documents and other sensitive data are adequately protected and access to the same is well documented and logged religiously.
     
  • No compromise/diversion from the existing policies defined whoever may be the person submitting a request.
     
  • If possible, install DLP (Data Loss Prevention) package based on your requirements.(ex: McAfee offers DLP)
  • Spread awareness amongst the employees and also educate them about the disciplinary actions that would be taken.
  • Keep a keen eye on any deviations from normal procedures/abnormal operations in all activities.

Labels:

Comments

Post a Comment

Popular posts from this blog

Netwars Competition

The NetWars game is a collection of computer and network security challenges. It is designed to represent real-world security issues: their flaws and their resolutions. Each player can follow an independent path based on individual problem solving skills, technical skills, aptitude, and creativity. The game is played in a fun but safe environment using the technology that drives our lives every day. The game starts when a player downloads and starts a CD-ROM image on a PC or in a virtual environment such as VMware Player. The image contains a brief tutorial and the game's full instructions. The player must find a hidden key within the image that is downloaded and then uses that key to enter an online environment where knowledge of security vulnerabilities and their exploits can be turned into points. Upcoming Competitions   June 18-20, 2010 PST September 17-19, 2010 November 5-7, 2010 December 17-19, 2010 April 29 - May 1, 2011 Click Here to read more
2 comments
Read more

Protecting the Kernel

Standard Linux Kernel When installing Linux it comes with the default Linux kernel compiled which is okay for most user, but when it comes to protect your data it is also good idea to build your own secure configuration. To get latest state or beta version of the kernel go to http://www.kernel.org/ Note: if you’re still unsure or feel uneasy if you want to do this then this is not for you. To get full details on compiling Linux Kernel you can visit: http://www.digitalhermit.com/linux/Kernel-Build-HOWTO.html#CONFIGURATION-INTRO http://www.faqs.org/docs/Linux-HOWTO/Kernel-HOWTO.html For security reason the DTS server kernel configuration can not be shown.
Post a Comment
Read more

New PDF Tutorials

I made some new tutorial enjoy! The Linux Permission PDF is how you can control your user see what files or folders. File Name: Linux Permissions.pdf File Size: 847KB Date Created: 03/25/2010 Download Now The Recover Your Data PDF is how you can recover your files in cases your windows operating system isn't booting up or your windows OS has spyware or virus.. This is the first half of recoverying your data. The second part will show you how to recover a deleted file, but that would be explain in the next PDF File Name: Recover Your Data.pdf File Size: 1540KB Date Created: 03/25/2010 Download Now   Hosted by Microsoft Office Live
Post a Comment
Read more