Internal Threats

Internal threats are those that originate from within an organisation. Whilst it seems unlikely, it is in fact a very common source of security breach. This week (w/c 28/06/2021) a file of confidential military information was found left on a park bench, and only a few days before some sensitive CCTV images were leaked to the media.

Internal threats can come in many forms:

• Accidental loss – the loss of, or misplacement of, important or confidential files and materials or laptops or USB sticks.
• Unsafe practices – for example the use of USB flash drives to store and transport sensitive information without sufficient encryption; visiting dubious websites; downloading files and running them without appropriate security checks; attempting to bypass user account restrictions
• BYOD – (bring your own device) where users may not have the required/appropriate security settings and software installed

All of these threats are avoidable through the use of employee education and monitoring and enforcement of security procedures.