Do you even know yet who is accessing your systems?

Do you even know yet who is accessing your systems?
Many companies say that the threat from hackers and viruses is the biggest risk to their IT structure. Major efforts are appropriately put in and investments are made in the construction and operation of firewalls and encryptions. IT security companies warn against another hazard, which has a significant potential risk and is primarily home-grown. The problem is that more and more companies are losing track of the persons who are assigned online access rights.

One reason for this is the fact that many companies neglect their duty to ensure the safety of their data even internally. A prime example of such a chaotic data model is the granting of access to the trainees of a company. In general, they pass through several departments of the company and quite frequently receive individual online access in each of these organisational units, which is not taken back from them when they leave the department.

What many companies are not aware of is that they are losing control over their data. Often trainees at the end of their apprenticeship have a colourful bouquet of access rights to various IT systems - similar in scale to the administrator of the company. This access to data for the period of the training course is intentional and meaningful. The problem arises when the trainee leaves the company and the rights are not removed.

For this reason, companies need a holistic IT security solution that not only deals with the risks that can come from outside. For the problem described, the temporary assignment of access rights could be a solution. After a certain time, on this basis, certain rights are revoked - an appropriate time frame could be the end of training in the department or the taking of the final examination.

In this way, there is a kind of dynamic management of rights in this area, which can be applied in the same form to full-time employees. As a result, this means more security for authorisation to access company data.

Date: 5 February 2015, 15:47 pm
Das könnte Sie ebenfalls interessieren: