The Weakest Corporate Security Link

Technology, at the end of the day, is only as secure as the person using it. You can have all the content filters and packet sniffing software in place across your network, but if there is someone viewing something he shouldn't be, there is little you can do. Another example. Install all the anti-virus software applications you can get your hands on and spend day and night to keep them updated. Put in an outgoing quota on your email server so that nobody can send attachment or receive .exe or zipped files. But if someone sends a link to a site which will inadvertently install a small server on your machine, there is nothing you can do to stop it.

You can buy the most secure system in the world at your disposal, but if you have a disgruntled person in your IT department, it is as vulnerable as a sponge. Footprints, access codes, loop holes and exceptions can all be masked into any system, and altering the log so that the knowledge of that backdoor is only known to the person creating it, is all a reality.

You access all your web accounts and even plug into your enterprise network using your cellphone. Like most people, you have your passwords saved. God forbid your cellphone gets into the wrong hands and you will have trouble recalling which accounts you accessed and which passwords you need reset.

Do you see a trend here? You should, because we're certainly not outlining the script from a movie. No matter what you deploy to secure your network and system, until you do something to secure and mobilize the human factor in any organization, you are going to always be vulnerable. And no, it doesn't matter whether your organization is small or large. As long as you have people, you are going to have ways to get into the system.

Social Engineering

Social Engineering is something that gives true character and personality to a "smooth talker". Someone who will use his or her social skills to get you to reveal critical packets of information which can be used to break down your business, is an increased risk in the corporate environment. Ever been in a situation where you divulged some confidential information to a friend or a confidante? Shown off a credit card that has your photo ID on it just so they can 'wow' at your smile? A casual conversation where you revealed some classified information to impress someone? In today's age of increased corporate competitiveness, there are more chances that it will be used to get into a network, gain access through a firewall and exploit an organization.