Information plays a vital role in successful organizational management. Information management using modern information technology enhances organizational survival and decision-making.
Individuals with ill intentions can utilize any security flaw existing in the organization’s information systems to pursue their selfish interests; this, in other words, can render an organization susceptible to risks, which are costly or lower the integrity of the organization.
Unauthorized computer access is only possible when an organization information security strategies are weak thus leaving an organization’s information resources vulnerable or accessible. When there are loopholes in the information security management system, malicious individuals take advantage of these ostensible flaws to achieve their ill intentions of either stealing or corrupting an organization’s databases.
This paper discusses some of the key threats to an organization’s information security system or the persons that compromise an organizations computer system through unauthorized entry. Some of the highlighted threats are discontented employees, journalists, and political activists, hackers and information agents.
An organization’s information systems can be compromised in a variety of ways. The most notable being actions by discontented employees. Employees become a threat when they have been laid off or when they have left their jobs voluntarily in search of greener pastures.
Such people might attempt to steal information with a motive of using it to exploit the company by selling confidential information to the competitors or to leverage on the same to get a new job. Owing to their familiarity with the computer system employed, such unscrupulous staff stands a better chance of successfully sabotaging, hacking or distorting information (Salehnia, 2002).
Ideally, every organization should have an information security policy. Unfortunately, most companies lack proper policies to govern storage or management of sensitive and confidential information against theft and fraud. One of the most basic and yet reliable measure towards curbing employee related risks is doing an employee audit.
An employee audit can be done electronically or manually to ascertain that no employee is not in custody of vital company information as they leave the company premises. In addition, magnetic chips should be fixed on crucial organization documents such as reports and files to control information movements.
A hacker is an individual who is well equipped with programming skills and uses these technical skills to gain unauthorized access to an organization’s information systems. Hackers do this for personal gigs or monetary gain. Hacking is a serious threat to many organizations’ computer systems. Hackers break into computer systems by compromising the integrity and privacy of data (Cross & Shinder, 2008).
By obtaining this information, they easily use it to trade with interested parties pretending to be the genuine users. Unlike, other security risks, hackers, pose the greatest risk and can completely jeopardize the operations of the firm. However, several measures such as regular change in passwords and encryption of passwords and user names are important in containing the risk.
Journalists and Political Activists
Journalists or political activists might be interested in the operations of an organization with intentions of discrediting or damaging the organization’s reputation. While there are codes of ethics that govern journalism, practical codes vary giving room to substantial overlap in information dissemination.
Thus, some journalist and political activist take advantage of this mostly through bias reporting of facts, misrepresentation of figures and blatant deception to the public. Sometimes they will suppress the information even disregarding facts through mischief. Overly, they attempt to shape and influence the opinion of the public (Bosworth & Kabay, 2002).
These people use subversive tactics to gather proprietary information. This information could be anything from new product ideas, bid information, proposals, marketing strategies or research and any other corporate data.
They penetrate the information system of a given organization with the intention to find information that they can trade. They sell this information to the highest bidder especially in financial or consultancy or brokerage industry. It is, therefore, important for all organizations to exercise vigilance and secure their systems to any such security threats.
It is critical for all organizations to embrace various security strategies to guarantee the safety of vital information and resources in the organization. This can be done by having back up files, changing passwords regularly, use of encryptions, installing antivirus scanners to prevent any unauthorized access to information against persons or foreign software programs.
Physical security such as employing guards, using biometrics doors, and controlling unauthorized access can also be deployed. Finally, each organization requires a meticulously formulate information security policy. Failure to institute measures against information security threats, opens up an organization to much information security threats, which can easily compromise an organization’ information systems.
Bosworth, S & Kabay, M. (2002). Computer Security Handbook. New Jersey, NJ: John Wiley & Sons.
Cross, S. & Shinder, D.L. (2008). Scene of Cybercrime. Burlington, MA: Syngress Press.
Salehnia, A. (2002). Ethical Issues of Information Systems. Hershey, PA: IRM Press.