FTD-Serie: Texte zu den Business-English-Podcasts
Here you can find the texts for our Business English podcasts and improve your language skills.
Business English: Pull the plug on an expert and risk IT theft
Will the credit crunch bring about hacking from within?Last July, Terry Childs, a network administrator at San Francisco's Department of Telecommunications and Information Services, was arrested on charges of tampering with the city's computer network.
The disgruntled employee was accused of changing the system's passwords, effectively locking out everyone except himself. The city authorities were forced to pay specialist technicians to regain control of the network.
Such incidents highlight the damage that unhappy IT staff can cause their employers. It is a problem that may be exacerbated as the recession takes hold. In a survey by CyberArk, the security specialist, 88 per cent of 600 respondents in London, New York and Amsterdam said they would take essential information and use it in their next job if made redundant.
Stephane Fymat, vice-president of strategy and corporate management at security specialist Passlogix, says businesses are ill-prepared. "You can tell a company that the internal threat is the most dangerous threat they will have to deal with, but their attitude tends to be surprisingly trusting of their employees."
About 80 per cent of companies have no protection in place against an employee who has left, he says. "An ex-employee very quickly becomes an external threat. They have knowledge of the internal network that can be very dangerous - and of companies that don't even change passwords for months after they have let IT staff go."
One Passlogix customer is a hospital in the UK. It is now re-examining passwords on every desktop computer. "They are obviously not shouting this from the rooftops, but it's a big concern for them - there's a lot of very private data on their systems," he says.
But IT workers who have been treated well by their former employers are less likely to sabotage computer systems. Steve Flatt, a director at Psychological Therapies Unit, a private clinic in Liverpool, believes information theft is bound to increase along with redundancies. But, he adds: "The indications seem to be that people will only do this when they feel they've been treated badly by their company ... bosses who are bullying and demanding, and who treat employees just as human resources to be discarded, [are] bound to be stitched up more than employers who try to find people alternative employment or retraining."
Alex Lock, a partner at UK law firm Beachcroft and editor of the Employment Lawyers Association's journal, points out that to pose a significant threat someone would need access to highly secure information. "If you look at information that is genuinely confidential - for which a court would be prepared to grant protection in the form of an injunction - there are not that many employees in an organisation who have access to it." If information is freely available, he says, it could not be classified as confidential.
How can potential theft be prevented?
While he acknowledges there are cases of employees breaking confidentialities after leaving an organisation, he argues that individuals with access to truly sensitive information are less likely to be made redundant. "If they were, the likelihood is that an employer would not be using a statutory redundancy payment - they would be tying things up with a more satisfactory payment."
Rather than wait for security to be breached, though, Mr Fymat says preventative measures should be put in place. "First of all, before you do anything, a business needs to clarify its internal policies and get its procedures in order," he says. "Which of your IT administrators has what levels of access and control? There are usually policies in place but they are, more often than not, dormant. Then you need to communicate your policies to every member of staff so that they know their responsibilities."
Finally, he says, companies must properly encrypt, store and govern the use of privileged account IDs and passwords.
If an employee does break a confidence, legal action should be relatively straightforward. "I have come across cases in which an employee has brought information into a potential new employer and is seeking to use it, and we've gone against both the employee and the potential employer."
- 1
- 2
-
The Financial Times, 24.02.2009
© 2009 The Financial Times,
Suche in der FTD-Personendatenbank
© 1999 - 2012 Financial Times Deutschland
Aktuelle Nachrichten über Wirtschaft, Politik, Finanzen und Börsen
Börsen- und Finanzmarktdaten:
Bereitstellung der Kurs- und Marktinformationen erfolgt durch die Interactive Data Managed Solutions AG. Es wird keine Haftung für die Richtigkeit der Angaben übernommen!
Über FTD.de | Impressum | Datenschutz | Disclaimer | Mediadaten | E-Mail an FTD | Sitemap | Hilfe | Archiv
Mit ICRA gekennzeichnet
VW | Siemens | Apple | Gold | MBA | Business English | IQ-Test | Gehaltsrechner | Festgeld-Vergleich | Erbschaftssteuer
G+J Glossar
Partner-Angebote
Aktuelle Nachrichten über Wirtschaft, Politik, Finanzen und Börsen
Börsen- und Finanzmarktdaten:
Bereitstellung der Kurs- und Marktinformationen erfolgt durch die Interactive Data Managed Solutions AG. Es wird keine Haftung für die Richtigkeit der Angaben übernommen!
Über FTD.de | Impressum | Datenschutz | Disclaimer | Mediadaten | E-Mail an FTD | Sitemap | Hilfe | Archiv
Mit ICRA gekennzeichnet
VW | Siemens | Apple | Gold | MBA | Business English | IQ-Test | Gehaltsrechner | Festgeld-Vergleich | Erbschaftssteuer
G+J Glossar
Partner-Angebote