Seven Ways Employees Accidentally Put Your IT Systems at Risk

Taking risks is inherent to our lives. Usually we don’t even think about the potential harm it could cause us. For example, without thinking we get into our cars and drive 55 mph down the highway while surrounded by two-ton vehicles barreling past us. We do take precautions to protect ourselves by wearing seatbelts, buying cars with airbags and paying for insurance.

commute-risk

However, what about those risks that we don’t even realize exist? Many companies do not recognize the many common ways employees leave their IT systems susceptible to unauthorized cyberattacks.

Here are seven common scenarios where employees have accidently allowed unwanted access into a company’s IT systems. Could any of these be happening in your company today?

  • You gave a part-time employee access to your entire customer data base so she could do a data entry project. The project was completed last year, but no one has remembered to cancel her access rights.
  • Everyone likes productive employees that use mobile devices to stay connected to work, however one of them left their phone at the mall food court during lunch. The phone was not encrypted and you have no way to remotely wipe the data.
  • An employee is collaborating with a remote contractor and they set up a free cloud storage account. His networked computer stays logged onto the site even when he is not using it.
  • Your MBA accountant has a hard time remembering passwords, so he uses abc123 to access the confidential financial software system your company uses.
  • The most organized employee goes on maternity leave and despite her detailed instructions no one remembers to back up company data for weeks.
  • That office administrator, whose spouse thinks she spends too much money shopping online, sits next to the sales desk where all customer credit card data is stored on a computer that does not automatically lock when not in use.
  • You have old computers collecting dust in a storage closet that an ambitious intern places in the open alley for the electronics recycler to come pick up next week.

Any number of easily overlooked security risks can cause major problems for companies. Reducing your IT risk isn’t as simple as putting on a seatbelt. You can however conduct regular audits to manage access, require complex passwords and security protocols and automate system back-ups to prevent unintended access into your organization’s confidential information.

For more information on IT risks, read our white paper “ Ten Hidden IT Risks and How to Protect Your Business.”

If IT security isn’t in your wheelhouse of expertise, consider hiring an IT consultant to audit your systems and a managed IT service provider (MSP) to manage your network and system security.

Partner Logos