Computers are very easily infiltrated. The average computer system can be breached by an astute twelve year old. Systems are easily breached in at least one of six different ways. The first method is that a sister computer in the same office can be used to infiltrate and copy information from the computer. The second method is that a third computer can be channeled through a second computer and the third computer used to infiltrate and copy information from the first computer. The information goes through but bypasses the second computer and most investigations are unable to identify the third computer.
The third method is that a smartphone being used by someone in the vicinity is used to access and copy information from the computer. The fourth method is that a remote computer is channeled into the computer system through an app, an open email account, or an insecure program and information is sent through the app, the email account or the program to the remote computer. Computer security systems generally focus on protecting the computer from direct access, as opposed to indirect access through an otherwise approved access point.
The fifth method is that an embedded spy program in the computer is told to send certain information to another sister computer in the same company or institution. The sixth and most popular method is that someone in the office directly accesses a computer that is not shut down at the end of the work day. Most employees are of the view that shutting down the computer and rebooting it the next day drains more electricity than leaving it on during the night. When the computer is on and unattended at night, all the first five methods of breaching it are simplified.
Office computers should be shut down individually at the end of the day, and the entire office server protected by an "off" switch. Individuals needing remote access at night could be routed through a different server that provides access only to information that is specifically requested by an authorized individual. In addition, a firewall should be constructed against all email accounts so that they never have access to information on the computer. Apps and programs should gain access to other information only if activated by the specific identified computer on which they are located, and the access should be relevant to the app or program.
If you require additional information specific to your business or government entity in regard to securing your computer and server systems, please visit my consulting website at www.RebekahIsaac.com for contact information.