After-hours Activity is Bad for Business
The Network: A financial institution with operations in multiple states in the USA.
The Expectation: Workstations are extensively used at both branch and headquarters. Being a financial institution, after-hours access is expected to be heavily regulated.
The Catch: Unexpected activity at a branch location after business hours. The branch is expected to be shut and physically inaccessible to employees.
The Find: Unbeknownst to the IT department, a remote access program had been installed to permit the user to login to his desktop at work, from a remote location. The user was accessing personal information that had been stored at work. This remote access is obviously an unauthorized “hole” deliberately left open for the users benefit. Unfortunately, this hole can be easily exploited by attackers.
The Fix: Uninstall the remote access program, conduct remedial training for the concerned employee.
The Lesson: Secure the human — they are far too often the weakest link.