Home / Security Awareness / Floating workforce – A risk for your business

Floating workforce – A risk for your business

Offsite Secure Data Backup’
Offsite Secure Data Backup’

Over the past few decades, liberation of data and the ways to stage-manage it has come with numerous benefits to the users that frequently deal with chunks of data every day. With the advantage of every useful thing, always comes the disadvantage intact. Hence, data controlling and manipulating trends have not emerged alone and have brought forward a much tedious task to ensure absolute protection of every bit and byte a user is dealing with.

Data protection is particularly a huge headache when you are relying on a floating workforce, especially when you have allowed your employees to access your database with their passwords as well as the use of USB memory stick and other portable storage devices is not prohibited or restricted to some extent.

A disgruntled employee equipped with a password and USB memory stick is a serious risk to any organization that has not yet implemented any sort of security measures over its server and database. Few minutes of a hideous activity can expose your company to a serious event of data breach.

When you have not protected your databases from unauthorized access, a determined employee with the password and a USB memory stick can easily copy your data and move it out of your bounds within a few minutes. Once the data leaves the premises of your company, it is lost or has fallen into wrong hands resulting into a commercial and reputation damage of your company, which is – unless it happens-, cannot really be estimated.

Not only does this kind of events push the company into the financial and reputational damage but the loss of time is also a dire outcome of these data losses. Management has to give it good hours or days in attempting to reverse the damage or at the very least recover what they have lost.

A temporary worker might feel little loyalty to an employer. He may be a spy working for your rival or some disgruntled one who is not really satisfied with the way you handle your things. For an employee like this, there might be a zero level or little loyalty can be expected for the company, which makes him a great risk to your data and sensitive information. IT support companies report that security problems often start with poor recruitment processes, over-reliance on agency staff or employee retention problems.

But is that really a solution? I bet it’s not. Even a permanent employee can turn disloyal to the company and pilfer the data he was authorized to access. The actual solution to this problem is at first to employ good human resource practices so that a clear view of security policy can be projected to your employees. The staff should be very smartly informed about the boundaries of what they are and are not allowed to do, access and modify. Emails and internet usage do count in it.

Not every member of your staff needs to access every bit of the data you are storing in your database which calls for the restriction of access to data with a grant to assign additional rights on a case-by-case basis. The management should also be aware of the actual need of the employee before assigning him the access to the data he asks permission to. Moreover, the right to modify the data these employees get access to should be limited to a certain authorization level. It is always smart to set different levels of login and security so that a secure server can easily become manageable by even the non-technical end workers.

Furthermore, the most sensitive and extremely private company information should be kept locked and encrypted on your servers or at the very least be strongly password protected so that no user except for the one with authority can access the data so protected.
In the same way, USB ports and CD/DVD drives should never be left opened and unprotected in an organization where a great number of employees are working and dealing with lots of data every day. The use of these devices should be restricted to call-on basis so that whenever an employee needs to pop a USB memory stick into a protected port, he asks the management for the permission to use it.

The crux of all this discussion falls onto the deployment of a perfect security plan in your organization as soon as you can. Nobody wants to have to ring their clients to admit that their confidential information has been lost or stolen. Worse than that, if someone from your floating workforce walks out with data in his hands, it can rip the heart out of your business.

Check out our top notch data security products and rest assured that your security is in good hands.

About Jennifer Garcia

Jennifer Garcia is an Information Security Analyst and Writer at NewSoftwares. You can contact her at jennifer.garcia@newsoftwares.net or follow her on Twitter

Check Also

the-story-of-mike-the-malicious-employee

The story of Mike the malicious employee

This is a story of Mike and how he got away with stealing corporate data, ...

Leave a Reply

%d bloggers like this: