Most often, it is through these devices that confidential information leaves the company without authorisation. Removable media may also introduce malicious software which, after it penetrates into the corporate network, can eventually lead to data leakage or more damaging consequences.
According to a survey conducted by research firm IDC, employee negligence poses a serious threat to the security of corporate confidential data.
As the ‘Bring Your Own Device’ (BYOD) concept gains momentum regionally and globally, the region faces bigger insider threats than from hackers outside.
The prevalent use of smartphones and ‘BYOD’ are the biggest trends driving the network security market in the region.
According to Bala Venkatramani, marketing manager of IT security solutions at ManageEngine, newer threats keep cropping up as new technologies evolve. Today’s enterprises are facing unprecedented security threats as organisations embrace new technologies.
He said that sacked employees and unhappy staff have been involved in several security breaches.
“It is essential that all employees, irrespective of their status in a company, understand how their misguided actions [innocent or unintended] can impact their organisation,” said Kevin Bailey, research director, EMEA Software Security Products and Services Policies at IDC, in a statement. “Policies that control access, movement and communication of data in a secure manner will be needed by organisations.”
The study said that about 36 per cent of companies expressed serious concern about the growing number of mobile clients. Preventing leaks of confidential data is one of the top concerns of 41 per cent of the companies surveyed.
“Organisations need to control access of employees to its IT resources as insider threats loom large,” said Bashar Bashaireh, regional director at Fortinet.
According to a survey conducted by Fortinet, more than 65 per cent of companies in the UAE allowed staff some form of access to personal devices last year.
With the adoption of ‘BYOD’, organisations need to “have security policies and control access to resources in place and review them regularly”.