Blog Archives

Common Insider Security Threats – And How to Stop Them

Suspicious EmployeeThe biggest security threat companies face isn’t hackers or cybercriminals – it’s their own employees.

Most data breaches can be blamed on negligent employees failing to keep sensitive corporate data secure, according to a recent report from research firm Forrester. At the 7,000 organizations surveyed, just 25% of the data breaches they’d experienced were blamed on external attacks.

The remaining 75% were caused by employees and other insiders – and most often due to their negligence or failure to follow policies. The most common causes of those data breaches were:

  • Laptops, smartphones or other computing devices lost by employees (31%)
  • Inadvertent misuse of sensitive information (27%), and
  • Intentional theft of data by employees (12%)

As those numbers show, IT pros could prevent many data breaches by directing more attention to finding and eliminating the threats that exist in the company’s own workforce. Here are the most common types of insider threats to watch out for – and what IT can do about them:

1. Negligent employees

As Forrester’s report shows, negligent employees are the most common security threat IT departments face. Often, data is leaked because those people fail to follow IT’s security policies. And the threat is only becoming more common because employees are carrying more information around on mobile devices.

Requiring those devices to be equipped with encryption and other security tools is key to keeping data locked down. Also, IT should be careful to only give employees as much access to data as they need to do their jobs.

2. Malicious insiders

Insiders who knowingly steal data or cause other problems may not be as common as negligent employees, but they can do a lot of damage. Malicious insiders might steal confidential information to sell to competitors, use financial data to commit fraud, or carry out other costly crimes.

IT staff should work with other departments to determine who has access to a lot of sensitive data. That way, those department managers can make sure they’re conducting background checks accordingly. And again, keeping access privileges to a minimum is key for lowering the risk.

3. Ex-employees

IT must also protect against recently terminated employees that could still have access to data. Those people may include fired workers who sabotage networks or data for revenge, or an employee who took a job at a competitor and steals trade secrets to take with them.

To prevent that, IT should be in communication with HR to know when employees leave the company so their access rights can be terminated immediately.

4. IT staffers

IT managers don’t just need to worry about the potential security risks lurking in other parts of the company – there’s also a chance the IT department may have insider threats of its own. Tech staffers often have access to the most data in the company. And in fact, 20% of IT pros have admitted to snooping on sensitive data, including the CEO’s private information.

That’s why IT managers should conduct thorough background checks on their own hires and watch out for suspicious behavior from their direct reports.

5. Business partners

In addition to their own employees, companies must be careful about the employees of any cloud computing provider or other business partner they work with. Those people are out of the organization’s watch, yet often have significant access to the company’s data.

When contracting with a third party, companies should ask about the vendor’s security policies and background check protocol to make sure the proper standards are in place.

About the Author: Sam Narisi is editor in chief of IT Manager Daily, published by Progressive Business Publications.  Connect with Progressive Business on LinkedIn or Glassdoor.

 

 

Getting Started With Email Marketing

Getting Started With Email Marketing

Getting Started with Email MarketingEmail is a part of many marketing budgets, strategies and concepts for big businesses. If you’re just starting out or are looking to expand your current online marketing efforts beyond the basics of social media, it’s time you made email marketing part of your next campaign. From determining whether you should send out newsletters or retargeted emails, getting started with email marketing can seem a bit overwhelming.   Here are some of the questions you may be asking yourself, and the answers.

How Do I Create a Database?

Before you get in to the design or messaging, you need to have a list of emails that you’re sending your email marketing campaigns out to. If you don’t have contacts to send your campaign messages out to, there is no way you’ll be successful. In order to create a database to use for your email marketing efforts, you should:

  • Start by collecting and organizing the emails of past and current customers. You may already have these, but if you don’t a call or direct mail card can help you head off in the right direction.
  • Ask for an email address in exchange for an offer. A basic clipboard on your counter or form on your website, that says “Sign up here to receive discount coupons via email!” or “Sign up here to get our free Newsletter via email!” will get your list going.
  • Keep it simple. Don’t ask for too much information up front; you could scare someone off. All you really need is a first name and email address. The rest of the information you ask is up to you, but the more information you require the more likely someone is to say, “No thanks.”
  • Have a privacy policy in place. Let customers know how you plan to use the information they provide. Look at similar sites and companies to get a feel for what you should be doing – including getting the permission of customers to send them emails.

Should I Use HTML or Plain-Text?

If you have no experience in email marketing campaigns, creating and designing brand new one may seem overwhelming. However, there are a number of tools out there to help you get started. MailChimp has a number of resources available for those getting started with email marketing. When it comes to the design of your email campaigns, consider:

  • Testing the email before you send. HTML emails can look different than expected when they are opened. Run the test on a few different free email services such as Yahoo!, Gmail, MSN and Hotmail to make sure it’s what you expect.
  •  CSS vs. HTML vs. Plain-Text. CSS doesn’t work too well in an HTML email, HTML images are sometimes ‘broken’ and plain-text is the most consistent. However, HTML is more like the world we live in – colorful and full of imagery – and is often considered the best method for email marketing campaigns.
  • Keeping the design simple. Place your logo in the upper-left hand corner, keep your call to action above the fold and avoid adding so much pizzazz that the important things get lost. Using a few images is great, but keep your message in mind!

What’s the Message?

What you hope to get from your email marketing efforts will contribute greatly to what your message should be. If you’re looking to showcase a product or indicate an upcoming event, your message needs to be a compelling reflection of that. Keep in mind why you’re sending these emails out and gear your content towards the right audience.

  • Your call to action, which is based on what you want those receiving your emails to do, needs to be above the fold. This means having the CTA in sight, without any scrolling necessary, when someone opens the email.
  • Be interesting! Put yourself in your customer’s shoes to consider what they want to read and receive in an email. Your tone, content and design all need to reflect this. Track the results of your efforts to see what is working best with your audience.

Is There Anything Else I Should Know?

Yes, of course there is! Email marketing takes some time and isn’t an overnight process. Always include an opt-out option and stay up to date on your results reports. Knowing what is successful and what isn’t is the best way to move forward.

  • Make sure you send emails from a non-personal email address. Instead of sending out blasts from janedoe@xyz.com, consider info@xyz.com, newsletter@xyz.com, etc.
  • Segment your audience. Your campaign may not apply to everyone in your database so organize each person by different demographics including age, location, interests, conversion likelihood, etc.
  • Send your emails early in the week. Emails typically have a lifespan of 3 days, so sending out your messages on Monday or Tuesday will often be better than sending out on Friday. Of course, it depends on your audience.

An email marketing company can help you with your email campaign efforts. But, if you’re more of a DIY marketer, take each of these questions into account and make sure you have a plan in place before sending any emails out. There are a number of resources, including HTML email templates, online for free. When it comes to getting started in email marketing, you need to have a goal and related call to action, design, and overall messaging in mind. Remember, this is a branding opportunity and you need to make the most of it.

Author Bio: Erica Bell is a small business writer who focuses on topics such as web design and online marketing. She is a web content writer for Business.com. 

The views and opinions of  this post are solely those of the author of the post. Mozy does not specifically endorse any of the commercial products or services mentioned in this post.

 

MozyPro Online Backup for Businesses