Companies spend a large amount of money and time securing their networks from external attacks. You often read about the latest security attacks that have occurred. External attacks seem to be highly publicized (and we love reading about them). However, what about the threat of internal attacks? An internal attack can be far more serious and devastating than an external attack since it is being performed by a user who is considered trusted.

Internet security threats can result from a malicious user, such as an administrator, or even an unskilled user who makes a careless mistake that compromises security. In the end, most of these types of attacks result from an angry employee. An internal attack can range from deleting valuable information, sharing private data with others (possibly external users), changing policies, and so on. Of course the extent of the attack will depend upon the skills of the user. Obviously someone who is knowledgeable about the company network can pose more of a threat than someone with very limited skills.

A good security plan will take into account the possibility of internal security threats and include security measures to prevent them from occurring. There are some very simple steps you can take that will go a long way in securing your network from your own users.

Ever hear the saying “Out of sight, out of mind?” If you have servers or computers that store sensitive data, why not lock them up? Place them in a room that non-administrative users do not have access to.

If you are running Windows Server 2003 (or Windows 2000 and Windows XP), many of the security requirements are built in with the operating system. So why not take advantage of them if they are already there?

Many Internet security threats involve a user accessing data that they should not have access to. One of the most common ways of preventing this (one which all administrators know about and implement), is to use ACLs (Access Control Lists). This way you can set permissions and deny users access to data that they should not be accessing (this even applies to home users who have networks that may store sensitive data).

Another security measure is to take advantage of the security options within group policies. There are a number of different settings that can be configured that will limit what other users can do on the network and/or computer. For example, you can use a group policy to limit which computers users can log on to. And, of course, security auditing gives you a quick and simple way of monitoring events on your network.

So when you’re putting together your security plan, remember this – people themselves are security threats. Limit what they can do. Limit what they have access to. And let them know what the company policy is and the repercussions of breaking the company security policy. Sometimes a little fear goes a long way. [Diana Huggins]