Recently Written

• IT-BPO builds value up in Cebu and Mandaue, Philippines
• Know When to Outsource
• Philippines and Australia’s Future in IT-BPM
• Japan’s game developers look to the Philippines
• Social Media Philippines: Key to Success
• Outsourcing for Small-to-Medium Enterprises
• The Ten Commandments of Outsourcing
• How to Choose an Outsourcing Destination
• The Rewards of Outsourcing
• The Factors Behind Outsourcing

Categories

• Expert Corner
• Outsourcing Features
  • BPO
  • General
  • IT Outsourcing
• Outsourcing News

Archives

• August 2014
• June 2014
• May 2014
• April 2014
• March 2014
• February 2014
• December 2013
• November 2013
• September 2013
• August 2013
• July 2013
• June 2013
• May 2013
• April 2013
• March 2013
• October 2012
• September 2012
• May 2012
• April 2012
• March 2012
• February 2012
• January 2012
• December 2011
• November 2011
• October 2011
• September 2011
• August 2011
• July 2011
• June 2011
• May 2011
• April 2011
• March 2011
• February 2011
• January 2011
• December 2010
• November 2010
• October 2010
• July 2010
• April 2010
• March 2010
• February 2010
• January 2010
• December 2009
• November 2009
• October 2009
• September 2009
• August 2009
• July 2009
• June 2009
• May 2009
• April 2009
• March 2009
• February 2009
• January 2009
• December 2008
• November 2008
• October 2008
• September 2008
• August 2008
• July 2008
• June 2008

Admin

• Log in
• XHTML

Search

Corporate information is on the target list of cyber criminals.  Just recently, a  hacker group is brazenly ramping its antics through cyber attacks targeting even the US Central Intelligence Agency. This exposes how poorly defended many networks are against Internet marauders.

Cyber criminals capitalize on social engineering techniques to break the weakest link in information security structure, the corporation’s employees. The recent fake Bin Laden execution videos on Facebook is an example of cyber criminals using the social medium as a means of attack. These attacks employ social engineering tactics that trick people into clicking links that directed to malicious websites and software.

Conventional security software are designed to guard outward, with very minimal security measures in place to prevent data loss from the inside.

Employee activity is therefore very crucial. Confidential information, from personal banking credentials to management plans to in-office politics, can be leaked if workers are not careful with what they share online.

Cyber criminals can piece together data from information uploaded by employees in these sites to create convincing ploys that would eventually give them access to vital places inside the network. This can potentially lead to information theft through malware attacks or data leaks endangering company trade secrets.

Cyber criminals may gain access to sensitive corporate data if an unsuspecting employee executes a malicious script sent via their email or social networking accounts. This problem is exacerbated by the increased use of mobile devices such as tablet PCs, laptops, netbooks, and smartphones in the workplace, plus the employees’ unofficial use of the corporation’s Internet.

The easiest solution for a corporation to prevent attacks is restricting employee Internet access.

In other cases, policies even go as far as disallowing workers to use their mobile devices in the office.

Though these solutions seem simple and foolproof, these actually hinder growth and performance in the long run as social networking sites can provide direct access to targeted customers and clients to foster lasting relationships with such clients, who use their own social networks to promote/recommend certain services.

Instead of limiting social networking use, it is recommended to go through the holistic approach of automated security and workplace computing policies to keep the workplace safe from data breaches and leakage.

Here are some recommendations on how to secure social network use in the office against malicious attacks.

• Allow employees access only the information or resources necessary for the tasks assigned to them.

• Create comprehensive yet flexible policies and restrict access rights that will govern the use of portable devices and social networking sites without hampering employee productivity.

• Educate employees on the impact of data leakage through orientations on email handling, file sharing, mobile device usage in the work context, and how employees should conduct themselves on social networking websites

• Back up all important data in case the system is ever compromised. Company programs, applications, and operating systems must be patched regularly to avoid having vulnerabilities which cyber-criminals can exploit.

• Install security solutions that can secure company data at all ends, but also helps lower operations costs and cuts down system complexity. Security that supports compliance with industry regulations by implementing controls for protection, visibility, and enforcement.

• Re-evaluate current security software. The in-place security solution should be able to provide real-time 24×7 network monitoring without burdening the system’s performance.

• The security software must be able to scan, monitor, and encrypt private data in endpoint input and output devices, as well as defend all possible network channels, blocking unauthorized data transfers through email, HTTP/S, FTP and instant messaging. Then, notify employees of potential risks.

Source:
"Preventing Security Breaches in the Workplace." 17 June 2011. 
The Manila Bulletin. Accessed 18 June 2011.  Link Here.

Comments

Recommended Providers

• BPO Jobs Philippines
• FTE Outsourcing
• Outsourcing Solutions, Inc.
• People Support
• TeleTech

Recommended Articles

• Outsourcing in Cebu
• All About Outsourcing
• What is Outsourcing?
• Who Benifits from Outsourcing?
• Outsourcing in the Philippines

Ask the Expert

Please click here or send an email to jeff@outsourcing.ph with your questions about outsourcing.