|
Kaspersky Lab recommends 'patching human vulnerabilities' regularly |
Kaspersky Lab, which develops Internet threat management solutions to guard against all forms of malicious software, has recommended that human vulnerabilities need to be patched, to prevent them from being the weakest link in an organisations IT security chain.
In a paper authored by Kaspersky senior resercher at the UK and part of the global research and analysis team David Emm, considers the influence the human factor has on information security.
Kaspersky Lab says cybercriminals are known to employ methods that exploit vulnerabilities in the human psyche to spread their programs and collect data. For example, they increasingly target social networking sites such as Facebook, MySpace, LinkedIn, and Twitter because of the ever-increasing number of people that use them. Emm explains that humans are typically the weakest link in any security system and that educating users in security best practice needs to be at the a part of any effective IT strategy.
Emm says no corporate security policy can be considered effective if it fails to address the human factor. In addition to securing digital resources, IT professionals need to find efficient methods for 'patching' human resources too. "A security strategy is far more likely to be effective if staff understand and support it. Furthermore, it is important not to see security information and training as just an IT issue. Rather it should be seen within an overall HR context," he explains.
Emm says employees need to be told, in simple, straightforward language, the nature of the threat. “They need to understand what protection measures the organization has deployed, and why, and how these may affect them in carrying out their duties. It also ensures that staff – who are increasingly working from home these days – are not exposing business resources to unnecessary risks."
|
