A lot of security problems are attributed to insider threats. A lot of it may be due to the oops factor; we do it accidentally. Most of us don’t willingly comprise our company or personal security, but sometimes it happens because of a lack of knowledge.
I think a lot of this can be traced to insufficient training. Most companies just assume that everyone knows how to operate a computer. If a new ERP system comes in, people are trained on that. But how about email, Microsoft Word, Adobe Acrobat and the basic browser? And what about basic computer security? Most people are just expected to figure it out on their own. How many times have you accidentally hit a key and something happened that you didn’t expect? And if it did, you weren’t sure how to “undo” it?
Most companies have employees read the security or ethics policies saying “Though shall not send anything confidential to anyone . . . etc, etc, etc.” But most people aren’t trained to safely and securely use their hardware and software. Technology can solve many problems by preventing viruses, malware and hackers from wreaking havoc, but until users are trained on operating their computers securely, we will still have problems.
Knowing what your users know (or don’t know) can help you prevent another oops.
What do you think?
photo credit aNantaB
– Written by Ron Arden