When most business owners think about securing their computer systems, be it on the desktop or the network, they almost always visualize the primary enemy as an evil hacker looking for vulnerabilities to exploit and valuable data to steal. I’d like to challenge you to be wary of another dangerous adversary: ex-employees whose system accounts (and the default settings they know) remain active after they’ve left your company.
Whenever the risks associated with insiders are discussed, the conversation usually focuses on disgruntled and/or malicious employees within the firewall abusing permissions to steal data or plant malware in the network. But the orphaned account—the ex-employee who still enjoys e-mail access and who knows the default passwords to the sensitive parts of your network—is an even bigger risk, and one that is often forgotten.
I’d wager that more than 75% of small businesses have no idea how many orphaned accounts exist within their organization. Ask yourself: do you have a procedure—or the resources—in place to automatically nuke every user credential for exiting employees? Didn’t think so. Do you have a coherent strategy for locating orphaned accounts and mitigating that risk? And do you, as the small business owner, even know where all your IT assets are and who has access to them?
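One practical way to answer the "how many orphaned accounts do we have?" question is to cross-reference an export of system accounts against the HR list of people still on payroll, and to treat unowned or long-idle accounts as findings too. The script below is an added example written for this post, not code from Kaspersky Lab; the account export, roster, field names (`owner_employee_id`, `last_login`) and the 90-day staleness threshold are all constructed assumptions, so adapt them to whatever your directory or application actually exports.

```python
"""Flag orphaned accounts by reconciling an account export with the HR roster.

Added example for this post. All data below is constructed; the CSV column
names and the 90-day idle threshold are assumptions, not any vendor's format.
"""
import csv
import io
from dataclasses import dataclass
from datetime import date, datetime

# Constructed HR roster: employee ids that are still active on payroll.
ACTIVE_EMPLOYEES = {"E100", "E101", "E103"}

# Constructed account export, in the shape an IT system might dump it.
# An empty owner_employee_id models a service account nobody is accountable for.
ACCOUNT_EXPORT = """username,owner_employee_id,enabled,last_login
alice,E100,true,2009-03-10
bob,E102,true,2009-02-28
carol,E101,true,2009-03-11
dave,E104,false,2008-11-02
backup_svc,,true,2008-06-15
erin,E103,true,2008-12-01
"""

# Audit date for the constructed data (fixed so the results are reproducible).
AS_OF = date(2009, 3, 15)
STALE_DAYS = 90


@dataclass(frozen=True)
class Finding:
    username: str
    reason: str


def parse_accounts(export_csv):
    """Parse the CSV export into dicts with typed 'enabled' and 'last_login' fields."""
    rows = list(csv.DictReader(io.StringIO(export_csv)))
    for row in rows:
        row["enabled"] = row["enabled"].strip().lower() == "true"
        row["last_login"] = datetime.strptime(row["last_login"].strip(), "%Y-%m-%d").date()
    return rows


def find_orphaned_accounts(export_csv, active_employees, as_of, stale_days=STALE_DAYS):
    """Return enabled accounts that have no owner, an ex-employee owner, or long idle time.

    Disabled accounts are skipped: they are already out of scope for the
    'nuke the credential' step, though they still belong in an asset inventory.
    """
    findings = []
    for acct in parse_accounts(export_csv):
        if not acct["enabled"]:
            continue
        owner = acct["owner_employee_id"].strip()
        idle_days = (as_of - acct["last_login"]).days
        if not owner:
            findings.append(Finding(acct["username"], "no owner on record (unowned service account)"))
        elif owner not in active_employees:
            findings.append(Finding(acct["username"], f"owner {owner} not on active roster"))
        elif idle_days > stale_days:
            findings.append(Finding(acct["username"], f"stale: no login for {idle_days} days"))
    return findings


def audit():
    """Run the reconciliation over the constructed data and return the findings."""
    return find_orphaned_accounts(ACCOUNT_EXPORT, ACTIVE_EMPLOYEES, AS_OF)


if __name__ == "__main__":
    for f in audit():
        print(f"{f.username}: {f.reason}")
```

The stale-login rule catches the case HR data alone misses: an account whose owner is still employed but who stopped using it months ago (a role change, a forgotten test login), which is exactly the kind of credential that lingers unnoticed. Run the reconciliation on a schedule and feed each finding into a disable-or-justify ticket rather than deleting blindly, so a legitimately idle account gets a documented owner instead of an outage.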
In these tough economic times you do have to be prudent about expending resources, but be sure to spare some room in your IT security budget to create a formal policy for dealing with ex-employee accounts that otherwise never get disabled.
Kaspersky Lab, Americas