For the modern business a lot of time is spent
focusing on network security. The theory behind this action is that there are
all types of threats that could be trying to get into your computer network. At
a college, you’d expect that, since so much sensitive data, including personal,
medical, and financial information--as well as intellectual property--is stored
on college computers/servers, that the diligence of IT administrators would be
even more conspicuous.
Then there is the story that came out of the
College of Saint Rose in New York’s capital city of Albany early in April,
2019. An alumnus of the postgraduate school, Vishwanath Akuthota, was charged
with, and pled guilty to, using what is known as a “USB killer” to fry the
components of 59 Windows computers and seven Apple computers on campus. In all
it has cost the college $58,371 to replace the computers.
A Indian national, in the United States on a
student visa, Akuthota filmed himself destroying the machines on his iPhone.
For his misdeeds, he faces as much as ten years in prison and a $250,000 fine
for repeat.
The “USB Killer” is a thumb drive that works
by drawing power from the USB port to charge a capacitor in the USB, then
discharging the power into the USB port, frying essential components inside the
machine, leaving it broken. The device itself is available online and is usually
advertised as a tool meant to test a devices surge protection.
Every business wants to avoid situations like
this. While there isn’t much you can do against the “USB Killer”, there is
plenty you can do to help you ward against employee-induced catastrophe.
According to an independent study, in 2018 more than two-out-of-every-three
data breaches were the result of employee negligence, direct employee theft, or
straight sabotage.
You read that right. You have a better chance of
being put behind the eight ball by your employees than you do by any other
person. That’s not to say your employees are out to get you, as only about a
quarter of data breaches were a result of a current or former employee’s
deliberate action, but rest assured you need to protect your network and
computing infrastructure against situations in which there could be data loss
triggered by your team.
The first thing you should do is put together
a strategy to snuff out potentially disastrous situations before they happen.
That means training and monitoring. By training your staff on the best
practices of using the systems they come into contact with, they’ll have a
better understanding of how they work, and therefore will likely make fewer
egregious errors.
On the other hand, if they understand the
systems and are versed in solid practices, some of them will want to take
liberties that they maybe wouldn’t have if they were less informed. This is why
a thorough monitoring strategy is important. While this strategy will work to
keep your data and infrastructure safer, it might just save you some time and
money in lost productivity.
If your organization would like more information about how to train your staff properly, or how to sufficiently protect your network and infrastructure from all manners of threats, contact the IT pros at Emerge today at 859-746-1030.