Human threats

Human threats consist of inside attackers or outside attackers. Insiders can be employees, vendors, or contractors with privileged access to systems. They can also be organizations and outside attacks by non-employees or groups of inpiduals just looking to harm and disrupt an organization due to a motive or aim.

The most dangerous form of attackers are usually insiders, because they have access to the system and know security measures that are already in place. Insider attacks can be malicious or negligent and can also be accidental.

All companies in this world have to deal with employee work force reduction and expansion. Consequently, controlling and changing the permission on system assets is a very important action item. Lack of process and failure to remove access to sensitive assets for employees who no longer have a business requirement increase an asset's exposure to unauthorized access. This can be a common cause of insider attacks, which is often overlooked.

Since there is usually a trust between employee and employer, most employees are not out to harm them. However, there's no way to ensure that this is the case with all employees, so the best practice is to be cautious and take the appropriate measures to prevent inside threat.

Here is one classic example:

A company's important application was operated by the personal credentials of an employee who had been working there for many years. However, one day the company laid that employee off. The next day, the IS department deleted his credentials. The application then stopped working. An issue like this can cause major damage to a system, and it will definitely take time to identify and fix the problem.

Human security threats can be something as simple as a person opening an attachment loaded with malicious script or malware that opens the system's back door and allows outsiders to extract information. The worst-case scenario often isn't a hacker breaching internal systems, but an employee that loses his smartphone or has his laptop stolen. The best defense lies in securing the data, not just the devices. This means encrypting at the file-level, so confidential information is protected even it is stolen.