eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
2Your Dining Habits
Hackers are becoming increasingly creative in the ways that they infiltrate computer networks. In one case, hackers breached the computer network of an oil company by infecting the online menu of the employees’ favorite Chinese restaurant with malware. This type of watering-hole attack reflects the extent to which an adversary will go to attack a target.
3Your Hotel Room
When traveling internationally, competitive rivals may be aware of your trip beforehand and will plan accordingly in order to take advantage while you’re on the road. If you are staying at a hotel and leave your laptop unaccompanied in your room while going to the gym, your chances of having your device compromised through the discreet installation of key-logging malware increases exponentially.
4Other Risks to International Travelers
Business travelers should always assume that they could be a target, particularly when traveling to known competitive intelligence destinations around the world, such as in Asia and Western Europe. If possible, use devices specifically designated for traveling that should only contain data relevant for the purpose of the trip.
5The Lost Cell Phone
An effective bring-your-own-device (BYOD) policy increases employee efficiency and can build a happier, more productive workforce. It is crucial to standardize acceptable use policies that cover topics such as local storage of files, connectivity to the network and remote-wipe capability in case of loss.
6The Insider Threat
In many cases, data theft within organizations is linked to employees and others with legitimate access to systems, networks and sensitive data. This can be the result of inadvertent behaviors due to human error and a lack of policies or a deliberate breach attributed to a malicious insider. From a hiring perspective, comprehensive background checks and due diligence can help reveal a pre-hire’s connection to any potential competitive intelligence adversaries.
7The Unlocked Server Rack
8Third-Party Web Applications
Research indicates that a limited number of exploits in only a handful of widely used third-party applications are responsible for nearly all successful enterprise malware infections on Windows clients. Transitioning away from commonly exploited applications and using less popular alternatives would prevent some exploits, because many of them target the libraries specific to those applications.
9Your Cleaning Service
Because external relationships are a reality of modern business operations, a proper analysis of vulnerability should extend to the various vendors, suppliers and other third parties within a company’s ecosystem—even the cleaning service. In the case of Target, a company that invested millions in malware detection and endpoint protection, the data breach was the result of stolen credentials belonging to a third-party vendor.
10Your Document-Shredding Policy
Many companies don’t give file or document disposal a second thought. Employees toss documents in the trash or recycle bin, or delete them from a shared drive, and they think that’s the end of it. If a would-be data thief is looking for intellectual property or confidential information, the act of “dumpster diving” can lead to a potential goldmine.
11The Unencrypted Email
Although most companies understand the importance of secure file sharing, you’d be surprised by how many still communicate with third parties via unencrypted emails and employ generally poor WiFi practices. Organizations should implement tools that force storage encryption and encrypt data for end-to-end communication. They should also ensure that employees avoid using public WiFi networks.