Internet Security has become an umbrella term encompassing everything from hacker detection to anti-virus protection. The focus of this article is on how employee misuse of the Internet can affect your bottom line. One of our company's quickest success stories was a customer who kept losing competitive bids for contracts based on price. Fearing an inside leak, the customer installed our Employee Internet Management software and quickly discovered that one of his employees was being compensated for emailing confidential bid details to a major competitor. Another of our customers, a large hospital, was inundated with viruses -and not the biological sort. Computer viruses were frequently plaguing its systems, rendering them useless at times.
Antivirus and antispyware software tools would successfully clean up defiled systems, but only after they wreaked havoc for users and the IT staff. The hospital installed our solution in order to identify usage patterns and determine and block likely Web sites and users that were the root cause of their issues. The hospital's primary concern was that an employee could inadvertently download a trojan, making an infected computer a gateway to external hackers and providing unauthorized access to patient information.
The fastest growing cyber crime involves the buying and selling of intellectual property-a company's new product designs, proprietary financial information and confidential memos. An increasing percentage of valuable corporate data is being electronically siphoned and sold to the competition. As the Wall Street Journal reported, the biggest threats to information security often don't come from hackers. They come from a company's own employees. The insider threat and internal surrogates are the focus of the Department of Homeland Security's National Cyber Security Division. Malicious acts by disgruntled employees, viruses picked up in e-mail spam or from seemingly innocuous Web sites and corporate espionage are all areas that require conscientious governance. Security risks may also be inadvertent. Take Phishing for example. Here, a phony Web site dupes unsuspecting users by publishing Web pages with the look and feel of the authentic Web site it intends to mimic.
Suppose your accounts payable clerk receives an email from what appears to be your company's bank. She responds to the email which asks her to click on a Web link to update her email address. As expected, her Web browser opens and she is taken to a site that has been built with the exact look and feel of your bank's Web site. As usual, the clerk is prompted to enter her secure user name and password. After entering her credentials, nothing visually happens.However, something very damaging does happen; The Phishing site has captured her credentials and the authors of the phony site can now access your account at the authentic bank Web site. The bottom line is if you are in business and your employees use computers, you need to protect your data against unauthorized access - both internally and external - and the best methods for doing so are always a balance between technology and personnel management.
The next series will discuss strategies for dealing with productivity, liability and security issues caused by inappropriate use of the Internet. Pearl Software provides Internet monitoring, filtering and control products to government agencies,corporations, hospitals, schools and libraries throughout the world. Pearl Software's key patent-pending products include Pearl Echo®, Website-Echo(TM) and IM-Echo(TM).The company also offers browser control software, TakeMeHome(TM) and partners with law enforcement to extend the application of its remote and mobile Internet monitoring and control capabilities. For additional information on Pearl Software or to request a full copy of this transcript.