Main Marketing Finance C.Suite
Small Business Centre Mid-Sized Business Centre
Sign up for our Newsletters |   Email the Editor Email the Editor   Email a Friend Email a Friend about this article   Print this Page  Print friendly page

Your employees are your biggest security challenge

Constant education of users is crucial. When they join the company, a proper orientation should be held to explain the importance of information security, what it entails, what they should and should not be doing.
12/7/2007 10:34:00 AM By: Jack Loo


The biggest challenge to information and data security right now is indeed found in a company's employees, rather than from outside hackers, according to Tan Ai Tong, Singapore-based Director, Global Information Security of electronics manufacturer Celestica.

Tan, who is responsible for Celestica's global information security, says what makes his job very tricky is his employees' different attitudes and mindsets towards keeping company information safe. These range from how they perceive they should handle the company's vital information, to dealing with spam e-mails.

The Toronto-based company has more than 40,000 employees spread across more than 20 locations worldwide and "everyone has a different view or appreciation of what information security is all about," Tan pointed out. "In the past, we had problems like unknowingly sharing sensitive information and writing down of passwords, and these contributed to security risks."

"To me, that's the people issue. Technology can only solve so much. You can always try to improve on technology by having stricter controls and so forth," he said.

Too many gullible users

With spam e-mails, people are still opening them up. "There is only so much spam filters can do. There will always be some e-mails that get through to users," commented Tan on the technology available to combat spam e-mails.

"The question is how gullible these users are. We actually did a broadcast to our users to warn them about a particular spam e-mail and asked them not to click on it. We even showed them a sample of the spam e-mail looked like," explained Tan. In the end, there are still users who open the spam e-mails.

"Even when the message is so clear, they still want to click on the e-mail. When we question them, most of them say they were careless; they did not read the warning e-mail carefully. Some even said that they just wanted to see what can happen. This goes to show that people are the biggest challenge."

Solutions to address internal issues

Page Navigation 1) Too many gullible users can lead to problems
2) Use technology to manage complexity.

Next Page>> 
<< Back


Email a Friend Print This page

Share




Bookmark and Share