If you’ve been keeping up with the news over the past few months you have probably heard of Wikileaks and its mysterious spokesperson, Julian Assange. Wikileaks is a non-profit organization that publishes submissions of private, secret, and classified media from anonymous news sources and news leaks. Over the last few years they have published millions of classified state and corporate documents supplied by anonymous sources and by recording traffic from Chinese hackers on a Wikileaks owned server. Wikileaks purported goal is to increase transparency, support freedom of the press and challenge powerful institutions.
In the past year Wikileaks has released a video showing Iraqi citizens being killed by U.S. forces, a compilation of over 70,000 documents related to the war in Afghanistan, 400,000 documents related to the war in Iraq and, most recently, U.S. State Department diplomatic cables.
The U.S. government has condemned Wikileaks and its actions accusing the company of compromising national security and damaging international diplomatic efforts. Others feel that releasing such information helps keep governments and large corporations honest and that it is empowering to everyday citizens whose lives are affected by these institutions.
However you feel about Wikileaks and what they are doing, it should be a large red flag to anyone in business or government that their information is not safe. There are groups of thieves, spies, activists and terrorists all over the world working actively, daily to penetrate the information security of governments and corporations.
The biggest threat however, comes from within. Interfor’s research and experience over more than thirty years of investigating corporate intellectual property theft indicates that the vast majority of material loss is due to the intentional or accidental actions of employees. Whether it’s a disgruntled employee posting proprietary information on the web, or a careless employee leaving a laptop full of confidential corporate information in an airport lounge, the ease by which information is transmitted and/or transported is now the biggest security issue for IT professionals.
Wikileaks recently announced that they have thousands of documents from and American bank, thought to be Bank of America, containing potentially damaging information (believed to have come from a top level executive). Wikileaks has stated that it plans to release the documents early this year.
Whether you are a small business owner or a Fortune 500 company, information security should be one of your highest priorities. The following are a few tips to help protect your company and keep proprietary information confidential:
- Delineate access to systems and data so that no one person can access to everything.
- Track access to restricted data.
- Block USB ports on company computers so that your employees are unable to plug in smart phones, lap top computers or flash drives into the computers without consulting the IT department.
- Block access, particularly remote access, to systems and data immediately upon terminating an employee.
- Incorporate security awareness programs so that employees are informed about security restrictions and responsibilities.
- Set up an anonymous hotline so that employees can report issues.