TrendMicro Offers Tips on Preventing Security Breaches in the Workplace
MANILA, Philippines - Corporate information appears to be on the target list of a growing number of cyber criminals.
These cyber criminals have capitalized on a variety of social engineering techniques to target the weakest link in any type of information security structure who are the employees.
Traditional security software are often designed to face outward with very minimal security measures in place to prevent data loss from the inside. Employee activity is therefore very crucial. Confidential information, from personal banking credentials to management plans to in-office politics, can be leaked if workers are not careful with what they share online.
An estimated 23 million Filipinos have access to social networking sites such as Facebook and Twitter, and many of those are workers who check and update their accounts in their offices.
Cyber criminals can piece together data from information uploaded by employees in these sites to create convincing ploys that would eventually give them access to vital places inside the network. This can potentially lead to information theft through malware attacks or data leaks endangering company trade secrets.
According to Myla Pilao, Director of TrendLabs Marketing Communications, unit of TrendMicro, there is still the possibility that cyber criminals may gain access to sensitive corporate data if an unsuspecting employee executes a malicious script sent via their email or social networking accounts. Pilao states that the problem is exacerbated by the increase in the use of mobile devices such as tablet PCs, laptops, netbooks, and smartphones in the workplace, plus the employees' unofficial use of the Internet.
The recent "Nicole Santos" spam and the fake Bin Laden execution videos on Facebook are just some examples of cybercriminals taking advantage of the social medium. These attacks employed social engineering tactics that tricked people into clicking links that directed to malware.
The easiest solution for a corporation to prevent attacks is restricting employee Internet access. In other cases, policies even go as far as disallowing workers to use their mobile devices in the office. Pilao explains that though these solutions seem foolproof, they can actually hinder growth in the long run as social networking sites not only provide direct access to targeted customers and clients, they can also foster lasting relationships with such clients, who use their own social networks to promote certain services. …