IT managers have to keep an eye out for a lot of security holes, so unfortunately a portion of them tend to remain open at many companies.
Here some of the threats that most often go overlooked:
- Unauthorized smartphones – IT departments go to great lengths to make sure all the computers and other devices connected to the corporate network are secure — but many allow users to connect to WiFi on their personal gadgets. That can cause problems if those smartphones are infected with malware, or intruders could gain access to the phones via Bluetooth and use them as a back door to get on to the network.
- Printers and other devices – All network-attached peripherals can allow hackers access to the corporate network. Those devices all run software, and software can be vulnerable. Advice: Treat all peripherals like you would any other workstation or server.
- Insider threats from business partners – Even if companies thoroughly vet all employees, including IT staffers, they may still encounter threats from people like consultants, vendor representatives and outsourced IT staffers. Take the same care when choosing and monitoring those people as you do with your own employees.
- Passwords written on sticky notes – A password policy does little good if users write their passwords down and leave them by their computers. Train users on how to choose and protect their passwords.
- Paper – With all the attention IT security gets, it’s still important to make sure paper documents are kept secure, too. Key steps to take include shredding documents when they’re no longer needed and locking file cabinets with sensitive info.