Network security is a priority for modern organizations of all kinds… after all, threats don’t often discriminate between the computer networks that they try to access. One kind of organization that should be especially diligent is the modern college or university. There are many different kinds of sensitive data stored there, including the personal, medical, and financial trifecta, along with intellectual property.
Unfortunately, sometimes diligence isn’t enough, as exemplified by recent events at the College of Saint Rose in Albany, NY. The capital-based college was struck in early April 2019 by a rash of computer vandalism. Vishwanath Akuthota, a postgraduate alum, pled guilty to charges of using a device known as a USB Killer to permanently disable 59 Windows campus computers, as well as seven Apple computers. This act ultimately cost the college a total of $58,371 to replace these devices.
Akuthota, an Indian national in the United States on a student visa, used his iPhone to film himself using USB Killer to destroy the computers. As a result, he faces a $250,000 fine and ten years in prison.
USB Killer is a specially made thumb drive that draws power from the USB port, charging a capacitor within the device, then releasing that power back into the USB port. This overloads the components, burning them out and breaking the machine. The USB Killer is freely available online, apparently intended to be used as a surge protection test.
Naturally, no business looks to have this kind of catastrophe happen. Unfortunately, USB Killer is particularly difficult to resist - but that doesn’t mean that there aren’t things you can do to help prevent the various kinds of employee-related security breaches. An independent study revealed that, in 2018, over two-thirds of data breaches were the result of an employee’s actions - whether they were negligent in their duties, were directly responsible for the data theft, or actively sabotaged the company.
That’s right - your employees are the ones who are most likely to put your business at risk. Now, this is not to say that your employees are actively working against you - only a quarter of data breaches were caused by the actions of employees, either current or former - but you still need to keep your network and infrastructure protected against the kinds of situations that could put your data at risk through the actions of your team.
The best way to approach these kinds of issues is to identify and mitigate them before they have an effect. This will require a two-fold approach: for your staff to be properly trained, and for you to have the tools necessary to monitor your business’ technology.
This is to help cover all of your bases. The better your staff is trained, the more prepared they will be to properly utilize the solutions you provide them with, making fewer and less severe errors as a result. However, the better your staff is trained, the more willing they will likely be to take liberties with these systems - liberties that they wouldn’t have otherwise. A comprehensive monitoring strategy will help you to keep your business, its infrastructure, and its data safe and productive.
To learn more about protecting your business through proper staff training and security solutions, reach out to the team at MERIT Solutions by calling (757) 420-5150.