For the modern business a lot of time is spent focusing on network security. The theory behind this action is that there are all types of threats that could be trying to get into your computer network. At a college, you’d expect that, since so much sensitive data, including personal, medical, and financial information--as well as intellectual property--is stored on college computers/servers, that the diligence of IT administrators would be even more conspicuous.
Then there is the story that came out of the College of Saint Rose in New York’s capital city of Albany early in April, 2019. An alumnus of the postgraduate school, Vishwanath Akuthota, was charged with, and pled guilty to, using what is known as a “USB killer” to fry the components of 59 Windows computers and seven Apple computers on campus. In all it has cost the college $58,371 to replace the computers.
A Indian national, in the United States on a student visa, Akuthota filmed himself destroying the machines on his iPhone. For his misdeeds, he faces as much as ten years in prison and a $250,000 fine for repeat.
The “USB Killer” is a thumb drive that works by drawing power from the USB port to charge a capacitor in the USB, then discharging the power into the USB port, frying essential components inside the machine, leaving it broken. The device itself is available online and is usually advertised as a tool meant to test a devices surge protection.
Every business wants to avoid situations like this. While there isn’t much you can do against the “USB Killer”, there is plenty you can do to help you ward against employee-induced catastrophe. According to an independent study, in 2018 more than two-out-of-every-three data breaches were the result of employee negligence, direct employee theft, or straight sabotage.
You read that right. You have a better chance of being put behind the eight ball by your employees than you do by any other person. That’s not to say your employees are out to get you, as only about a quarter of data breaches were a result of a current or former employee’s deliberate action, but rest assured you need to protect your network and computing infrastructure against situations in which there could be data loss triggered by your team.
The first thing you should do is put together a strategy to snuff out potentially disastrous situations before they happen. That means training and monitoring. By training your staff on the best practices of using the systems they come into contact with, they’ll have a better understanding of how they work, and therefore will likely make fewer egregious errors.
On the other hand, if they understand the systems and are versed in solid practices, some of them will want to take liberties that they maybe wouldn’t have if they were less informed. This is why a thorough monitoring strategy is important. While this strategy will work to keep your data and infrastructure safer, it might just save you some time and money in lost productivity.
If your organization would like more information about how to train your staff properly, or how to sufficiently protect your network and infrastructure from all manners of threats, contact the IT pros at Haber Group today at 866.625.3560.
Charles Haber has been a technology expert for small businesses in general, and the AEC industry specifically for over 25 years. 15 Years ago, he founded Haber Group to provide technology services that combine business needs with the human factor.