What is the biggest security risk in my network?

The biggest risk in any network is human behavior.  Users on your network bring most of the viruses and malware into your network through their actions while performing their jobs or simply using your technology.  Whether they are researching something on the web, reading email, or loading a program on their computer, introducing malicious code is very easy to do and often they won’t even know they did it.

When this happens, it does not make them bad people.  Likely they are simply under-educated about the risks out in the electronic world and how to protect against them.  One of the most important investments you can make in securing your network is employee training.  Educate employees to recognize things that might be suspicious and what to do when they see one of them.  Give them alternatives for getting their jobs done if something suspicious is in their way.  And teach them how to protect your network from hackers and other malicious activity.

Not only should new employees be trained, but every employee should go through security training at least once per year to make sure that they understand new risks that have evolved and to help keep security top of mind.  It is no longer just “IT’s job” to protect the network.  That burden lies on the shoulders of each and every employee who uses the company’s electronic resources.

Most IT service companies can either deliver employee security training or direct you to a local resource that can.  It is important to use an expert in this field so your employees are getting up-to-date and accurate information about how to ensure the integrity of your network.


Michael Giuffrida from Southington CT has been operating businesses since 1997.  He is an experienced entrepreneur in business management, profitable growth, business valuation, mergers and acquisitions, and information technology managed services.

5 thoughts on “What is the biggest security risk in my network?”

  • Most techie people know there are 7 layers in the TCP/IP stack … well, that’s what schools teach anyway. The end user is now called the eighth layer. As with all vulnerabilities in the stack, the eighth layer requires a defense in depth approach. User education is crucial but we also need technical controls to help protect the users from themselves. Ask why did that phishing email make it to my user’s mailbox? Why was my user able to access sensitive data that their job didn’t require access to? Why didn’t something stop the email with sensitive data from going out?

  • That’s a great reminder – we’re good at keeping up with our core competencies, but understanding the growing role of IT in our practice and committing time to it is now essential.

  • It will serve employees well in their professional life as well as their personal life to become educated on technology security risks. I always appreciate learning of these vulnerabilities with proactive recommendations. A periodic and memorable reminder helps reinforce the learning, so a little creativity here goes a long way.

  • I could use some extra training in this area, but I’m self-employed. If you know of any quality sites that offer tips for non-IT folks I would definitely check them out.
