Information security–businesses advised to beware of internal staff

Published: 27/04/2011 05:00

0

100 views

Agencies,
organizations and enterprises in Vietnam have been warned that they are facing
the risks of unsafe information security,
caused by the security leaks from the internal staff – a danger which is
even more serious than the attacks by hackers.

Lesson learned from the Wikileaks
case


In 2010,
the fact that Wikileaks, headed by Australian Julian Assange, exposed a series of national top
secret information was described as the “blockbuster” of the year. The
information release once caused big headaches to the financial community,
politicians, because this was the top secret information powerful enough to
cause global shocks.

Why could
Wikileaks blockbuster explode? The experts, who attended to Security World
2011, a workshop on information security held in Hanoi several days ago, pointed out that it
was because Wikileaks could obtain top secret documents provided by the staffs
of the organizations themselves. Some countries have confirmed that the
information of the US
diplomacy, many banks and insurance companies in Switzerland were leaked from the
people, who worked at the agencies and companies and had the right to access to
the information.

Phuong Minh
Nam,
Deputy Director of the Information Technology Department under the Ministry of
Public Security, cited a report by the US Secret Service as saying that among
the reasons behind the information leaking, the internal risks and the
cybercrime are the biggest risks. Especially, businesses have been advised to
beware of the internal risks, because in many cases, it is the businesses’
staff that provided the top secret information.

Nam said that the internal risks relate
to the power abuse, which should be considered as the biggest risk (48
percent), while the attacks by hackers or spyware are just considered the
second risk (40 percent).

“The
information is always put under the strict control. However, it is the persons
who have the right to access to the information, do not keep secrecy. This has
become a serious danger for “sensitive” business fields, such as finance and
banking in Vietnam,”
Minh said.

Vietnamese institutions making light
of privacy policies

In the 2010
reports by McAfee, Kaspersky or Check Point,
Vietnam once
again was mentioned as a “black address” in many international lists of media
agencies and securities companies.

The risk of
information insecurity in Vietnam
has become more serious when Vietnam
has been listed among the 10 countries with the highest risks. Besides,
discontent people in enterprises and organizations may sell out their
enterprises and organizations, by stealing information and selling to other
institutions.

What to do
to settle the time bombs? Experts say that many institutions and individuals in
Vietnam
still do not have good perception about network security and data security.

“At most of
Vietnamese institutions and enterprises, the policies and procedures on
information security still have not been built or strictly followed. This is a
big problem which needs urgent settlement,” said Stefan Tanase, a senior
security expert from Kaspersky Lab.

Analysts
have also warned that the use of social networks may relate to the information
insecurity. Employees of some companies may complain on Facebook or Twitter
about some projects that their companies carry out. When they mention some key
words or combinations of works, these could be the “suggestions” to hackers to
carry out attacks to the database of the companies.

The Vietnam
Information Security Association (VNISA) has advised institutions and
enterprises that they should not only equip with good servers, firewalls or
encryption systems, but they also need to pay attention to the implementation
of the information security procedures and the decentralization in data access.

Buu Dien

Provide by Vietnam Travel

Information security–businesses advised to beware of internal staff - Business - News |  vietnam travel company

You can see more



enews & updates

Sign up to receive breaking news as well as receive other site updates!

Ads by Adonline