On Corporate Network Security

Corporate network security is something we'll always talk about because it's such a huge subject. And when thinking about it, you have to consider your threats carefully. What can happen? Where do the problems come from and who can really do something bad? When you work in a corporation that handles important data, it doesn't matter if you're in the IT department or not - you need to ask yourself this: am I doing something that might be harmful for the company's security? And I'm serious about this; it's just like real life. When you're walking in the street, you don't wait for a cop to give drivers a speeding ticket, but instead sit on the side walk, to avoid getting squashed.

Threats can come both from hackers as well as from sloppy employees. People that can't properly work with data pose more of a threat than malicious users that breach the system do. Why? Because if you can spot a hacker, as an admin, you can never know what the hundreds of employees are doing with the database. You can't possibly keep track of everyone. That's why people need to be convinced that security is their problem too. And if they say it's not their job, they need to know that IT IS their job to properly handle data. And besides, when a data breach happens, a company can lose some money, and if it's not the CISO's (chief information security officer) fault, then guess whose fault is it�

That means that you, as an employee, should handle security at an individual level; otherwise, it's you're a*s that's on the line, should anything bad happen. Once the IT department did their job and told everyone how to go around data without causing leaks, the problem is out of their hands should you mess something up. You screw up, it's your fault, you're the one who gets fired, not the admin. End of story. That's why even you, the simple employee, should take care when handling data.