Page 25 - Security Threats new3
P. 25
7. Internal Employees.
An internal threat refers to the risk of somebody from the inside of a company who
could exploit a system in a way to cause damage or steal data. These kinds of threats
are particularly troubling, as employees are expected to be trusted individuals that are
granted extended privileges, which can easily be abused.
To better understand internal threats, we will learn about what kind of damage
an employee can do from the inside, alongside the unsafe practices that allow them to
engender digital mayhem.
1. Employee sabotage and theft of data and / or physical equipment.
2. Unauthorised access by employees to secure areas and administration
functions.
3. Weak cybersecurity measures and unsafe practices.
4. Accidental loss or disclosure of data.
1. Employee sabotage and theft of data and / or physical equipment.
Employees have the privilege
of accessing a wide range of
physical equipment inside of a
company, with only trust to
prevent them from damaging or
stealing it. This means that
hardware like hard drives,
containing lots of important data,
can be physically stolen from the
company; otherwise, the data on
it can be transferred to a USB
flash drive and then revealed and duplicated online.
Additionally, employees could purposely damage the businesses equipment or
data, such as by deleting the data, or smashing a hard-drive.
Alternatively, disasters like fires, floods, power loss and even terrorism can
occur. This can, of course, destroy equipment and the data it stores. Some of these
are naturally occurring, but they can also be caused on maliciously on purpose as
part of an attempt to sabotage the business.
2. Unauthorised access by employees to secure areas and administration functions.
