White NRA Horizontal logo

connectingRetail-white

The Digital Business Kit for Retailers


Learning Outcomes

Retailers will gain an understanding of the different online Security and privacy risks and opportunities to address these. [printfriendly]

mod-arrow Internal Security

Internal elements are security and privacy issues originating from within the organisation. Knowing more about internal threats can help your company protect itself. There are two main categories:

Intentional: An employee or internal worker deliberately causing harm. They may destroy data, physical storage, or devices. An individual with malicious intent can be classified as a “hacker” if they have resources to attack the system electronically. (See resources here).

Unintentional: A mistaken or accidental act by a worker which results in a security or privacy breach. This is a more common security and privacy risk than an intentional act.

Top internal threats

With increasing email volumes, social media and other online interactions taking place within organisations, it is increasingly important to ensure safety of data and systems. For retailers who share a local computer, this becomes more difficult as online connections such as emails, social media page updates, etc. are controlled by various staff. Legitimate online company threats can be compounded by staff that take the opportunity to access personal programs or browse the Internet using the business network or devices. If a company intranet is being used, policies and protocols in regard to access to outside browsers and services, as well as downloads and opening of applications, are critical.

Examples:

Social media: This can be a very powerful and positive tool for retail. However, policies and protocols need to be very clear for staff when using these tools. Settings for social media tools need to be set correctly to protect staff posts and browsing activities. Social media policy should clearly state the type of activity that is permitted by the business.

Web browsing: A common “legitimate” activity such as staff completing research, posting to other sites, etc. Unsafe browsing behaviour can lead to security risks.  Click here for resources on best practices for web browsing.