Relocation Challenges of the IT Department, Part 6: Installing a Security System
Keeping the Bad Guys Out
We all know that security is an important concern, but do all of us take the necessary measures to ensure it? Who exactly are the "bad guys"? Criminals, hackers, people walking in off the street? Sure.
But your own employees?
Yes.
Shocking, isn't it? Studies have shown that the biggest threat to your network operation is the accidental or even intentional misuse of the computer system by employees. You have to take steps to protect users from themselvesyou're putting them at risk just by providing the opportunity for abuse.
If you've been an IT professional for a while, you've probably had to recover files and directories from backups that were accidentally erased or overwritten by another file with the same filename. It happens from time to time. You have to give users enough permission to access the data files they need to do their jobs. What can really hurt a company is a disgruntled employee or former employee with access to the network.
This article discusses physical securitythe system that prevents unauthorized users from getting into the computer room and even the suites on the floor.
TIP
Don't forget procedures:
Terminate an employee's or contractor's network account when he or she leaves your company or stops providing a contracted service.
Be diligent about account maintenance, including changing passwords on a frequent basis.
I know of cases where a person left a company and had his or her account terminated, but still knew another employee's account ID and password. That's just as good as having his or her own login.