Monday, September 23, 2013

People are Not Robots-It’s a Business

People, Process & Technology are 3 critical gears of any system. The organization is spending humongous effort in developing a consistent environment for building services, solutions, products for a community. Conceiving the services may be worrisome due to over reminded buzz world called “Cyber Security”. Cyber Security is often associated with the External hacker community and very less preference given to Internal Employee. Reason has been a trust; However, Responsibility always comes with Power which has profound root under the ground. 

People are Not a Robot, they will try to take control of systems or react differently if the security culture is not deep penetrated inside the foundation.”

News broke this week about IBM’s latest file leak, where a former employee with access to confidential information regarding IBM’s play in cloud computing technology leaked hundreds of pages of documentation, shedding light on IBM’s weakness within the cloud computing industry. The breaches similar to this has affected the stock emotion and further reputation of the company in delivery services.  

Inside threat is the area of silence and always given second preference; however, the results are more painful than External threats. 
A survey was conducted on Insider Data Privacy, which has revealed some alarming situations



The Typical data movement practice followed are removing data was to copy it to a staging site on the Internet, such as iDisk or DropBox, with 43% choosing this channel; 36% used webmail to send out files as attachments, 29% copied information onto a USB device and 3% feels taking printout.

Data Leak Prevention system should be enforced at the foundation of the system not leaving any member out of its perimeter. This ensures data(structured/unstructured) protection to minimize the risk of a breach or a loss of intellectual property. A strong segregation of duties measures is incorporated to mitigate risk arising from Administration perspective.A careful attention should be given, so that productive working relationship of the Employee and Organization should not get restricted.

No comments: