In recent months, a number of corporate IT systems have been attacked and infected with damaging viruses. These often pose as enticing email attachments to catch out unwary users. The damage has varied from simply taking up network resources to destroying files, adding to costs and causing loss of business.
In response, firms are taking steps to guard their systems, including blocking dangerous file types at the firewall, educating staff about the dangers of opening attachments, amending policies on Internet use, and increasing budgets for antivirus and other security measures.
However, in focusing most of their attention on viruses coming from outside, there is a danger that companies may leave themselves vulnerable to internal threats  such as disgruntled staff deliberately disrupting networks.
The challenge for IT managers is to decide which combination of measures will best serve the needs of their firms. Some companies currently assume, wrongly, that publicity about viruses means there is no need to explain why opening attachments can endanger networks, because staff will delete such emails immediately or seek the advice of the IT department.
