Risk #9: Bring your own headache
On the one hand, new devices such as smart phones and tablets can increase employee productivity – and when employees use their own devices, save the firm money. According to a report by Forrester Consulting, one half of the financial firms they surveyed support personally owned mobile devices. But this new “bring your own device” (BYOD) environment brings new headaches, too. These devices are easily lost and stolen. When they are, any information available to the device – including confidential business and customer data – may be vulnerable to illicit access. Yet fewer than 50% of businesses report the ability to use data encryption and/or remote data wiping to protect their assets. Take stock of your data inventory: you need to share permissions reports that reveal which devices and users have access to which files and applications.
Risk #8: Who’s knocking at your backdoor?
Your firm isn’t limited to your own systems. Thanks to access to outside servers and systems, you can leverage potent tools like Dropbox and customer-built service portals to share files and manage customer accounts. While these cloud services increase your capabilities without busting your IT budget, it’s important to remember that every connection that reaches out from your network may open an opportunity for someone else to reach in. Protect your portals: run an external vulnerability scan that reveals every “backdoor” through which an intruder might break into your network.
Risk #7: “Wet paper bag” passwords
Your password protections are only as strong as the passwords themselves. Having no passwords – or using obvious passwords such as “12345” – undermines the very protection you seek. Yet employees often fail to establish passwords or, when they do, frequently use ineffective ones. Review your passwords’ strength to identify weak spots any unauthorized user could punch through