Reports of data being compromised are becoming fairly regular aspects of the daily news. People are not hearing of a security breach every day, but corporate and governmental data is being
compromised with some frequency. This has led to a $250 billion industry, which is projected by some to double over the next decade, which revolves around online security. All the money in the world, however, might not be enough to prevent information leaks.
The External Threat
Many of the security breaches that are reported in the daily news are the work of people outside of the company or governmental agency that was hacked. Individuals, hacking groups, competing companies and foreign governments all might stand to gain from a security breach of specific confidential data. Businesses today are threatened by outside sources, and they must guard against the threat.
Protecting data from external threats requires constant vigilance, along with regular software and hardware updates. In some situations, businesses have decided to keep their precious intellectual property and confidential data on local servers. Their IT departments manage these servers, and the servers are not connected to the internet. With this system, an external person or organization cannot hack the data, without physically entering the companys property.
Most of the time, hosting all classified data offline is impractical. People need to use this information, but only specific persons should be granted access to it. Businesses faced with this situation often outsource their IT security needs to a company that promises to prevent a security breach. Data may be hosted in the cloud or on local servers, but it is protected from a security breach by the online security provider.
The Internal Threat
Even though the above measures require vast sums of money and regularly demand peoples attention, an external threat of a security breach is easier to guard against than an internal one. The greatest threat to a companys sensitive information lies within the company. Disgruntled employees, former employees, vendors, trusted customers and joint-venture partners all have access to that data. In other words, all of these people are a potential security threat. They might leak information, either intentionally or unintentionally. This is the security breach that firewalls, antivirus software and passwords cannot guard against.
Businesses can take measures to guard against the external threats they face, but there is no effective means of protecting against a security breach caused by an internal source. Despite the billions poured into online security, business leaders still are faced with an age-old question: Can I trust this person? That is a question no IT security company can answer. There is no substitute for a leader’s ability to judge people’s character.