From Vu-Net, Read the whole thing IT strategy – The naked truth – vnunet.com
IT strategy – The naked truth
The biggest security threat to a company’s data is not nefarious hackers but staff who are blissfully unaware they are the problem.
Tom Berry, Financial Director 11 May 2005
…………………………..But there are other ways for criminals to get hold of sensitive company information, without them having to hack into company systems – like buying it on eBay. In the past few weeks, company documents, passwords and customer credit card details have all been found on hard drives bought in online auctions.
In some cases, the previous owners – many of which were large multinationals – had made little or no effort to erase the data from machines before disposing of them. In a few cases companies had employed third parties to cleanse the disks for them, but still information was retrievable. “This is not embarrassing for us; it’s absolutely horrifying,” said one company.
The real weak link in IT security, however, is from within an organization. Employees have a habit of making life easier for the cyber criminal. People are forgetful, so they tend to use passwords that are easily identifiable. The word ‘password’ is a popular and ill-advised choice, as are children’s names and birthdays.