{"id":11065,"date":"2022-09-30T10:37:51","date_gmt":"2022-09-30T07:37:51","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=11065"},"modified":"2022-09-30T10:37:51","modified_gmt":"2022-09-30T07:37:51","slug":"ex-employees-access","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/ex-employees-access\/11065\/","title":{"rendered":"Eski \u00e7al\u0131\u015fanlar\u0131n\u0131z hala kurumsal verilerinize eri\u015fiyor olabilir mi?"},"content":{"rendered":"<p>Eski \u00e7al\u0131\u015fanlar\u0131n\u0131z\u0131n kurumsal bilgilere eri\u015fimi olmad\u0131\u011f\u0131ndan ne kadar eminsiniz? Pratikte de g\u00f6r\u00fcld\u00fc\u011f\u00fc gibi, bu yersiz bir soru de\u011fil. \u00c7al\u0131\u015fanlar\u0131m\u0131z son ara\u015ft\u0131rmalar\u0131nda, ne olaca\u011f\u0131 kestirilemeyen d\u00fcnyada k\u00fc\u00e7\u00fck ve orta \u00f6l\u00e7ekli i\u015fletmelerin (KOB\u0130\u2019ler) siber olaylara ne kadar haz\u0131rl\u0131kl\u0131 oldu\u011funu <a href=\"https:\/\/www.kaspersky.com\/blog\/smb-cyber-resilience-report-2022\/\" target=\"_blank\" rel=\"noopener nofollow\">analiz etti<\/a>. Ara\u015ft\u0131rma, ankete kat\u0131lan KOB\u0130\u2019lerin yakla\u015f\u0131k yar\u0131s\u0131n\u0131n, eski \u00e7al\u0131\u015fanlar\u0131n bulut hizmetlerini veya kurumsal hesaplar\u0131 kullanarak i\u015fletme verilerine eri\u015femeyece\u011finden %100 emin olmad\u0131\u011f\u0131n\u0131 ortaya koydu.<\/p>\n<h2>Kurumsal verilere eri\u015febilen eski bir \u00e7al\u0131\u015fan\u0131n ne zarar\u0131 olabilir?<\/h2>\n<p>E\u011fer i\u015fine yarar bir \u015feyse, eski bir \u00e7al\u0131\u015fan i\u015fletme hizmetlerine veya bilgi sistemlerine eri\u015fti\u011finde, eski i\u015fverenine sand\u0131\u011f\u0131n\u0131zdan daha \u00e7ok zarar verebilir. Genelde KOB\u0130\u2019ler, eski bir \u00e7al\u0131\u015fan\u0131n kendi rakip i\u015fletmesini kurmak i\u00e7in kurumsal verileri kullanmas\u0131 veya bir rakiple i\u015f ortakl\u0131\u011f\u0131 yaparak \u015firketin m\u00fc\u015fterilerini \u00e7almas\u0131 gibi olduk\u00e7a hayali tehditler konusunda endi\u015feleniyor. Ancak ticari zarar s\u00f6z konusu oldu\u011funda, bunlar listenin alt\u0131nda yer al\u0131yor.<\/p>\n<p>Eski \u00e7al\u0131\u015fan\u0131n\u0131z ki\u015fisel verileri i\u00e7eren m\u00fc\u015fteri veri taban\u0131na eri\u015febiliyorsa, bu verileri s\u0131zd\u0131rabilir (i\u015ften \u00e7\u0131kar\u0131lman\u0131n intikam\u0131 olarak) veya dark web\u2019de satabilir. \u00d6ncelikle, bu i\u015fletmenizin itibar\u0131n\u0131 zedeler. \u0130kincisi, m\u00fc\u015fterilerinizi riske atabilir. Zarar i\u00e7in olmasa bile, m\u00fc\u015fterileriniz en az\u0131ndan ki\u015fisel verilerinin s\u0131zd\u0131r\u0131lmas\u0131 sebebiyle yasal i\u015flem ba\u015flatabilir. \u00dc\u00e7\u00fcnc\u00fcs\u00fc ise, denetmenlerden a\u011f\u0131r bir para cezas\u0131 alabilirsiniz. Sonuncusu elbette faaliyette bulundu\u011funuz \u00fclkenin yasalar\u0131na ba\u011fl\u0131. Ancak d\u00fcnya \u00e7ap\u0131nda, bu tarz veri s\u0131z\u0131nt\u0131lar\u0131na y\u00f6nelik cezalar\u0131 s\u0131k\u0131la\u015ft\u0131rmaya do\u011fru bir e\u011filim var.<\/p>\n<h2>Kar\u015f\u0131la\u015f\u0131labilecek k\u00f6t\u00fc niyetli olmayan sorunlar<\/h2>\n<p>Baz\u0131 sorunlar\u0131n sebebi, eski \u00e7al\u0131\u015fanlar\u0131n entrikalar\u0131 veya bilgi s\u0131zd\u0131rmalar\u0131 de\u011fildir. Eski bir \u00e7al\u0131\u015fan, bu tarz bir kayna\u011fa eri\u015fimi oldu\u011funu hat\u0131rlamayabilir bile. Ancak ayn\u0131 denetmenlerin rutin bir kontrol\u00fc, yetkisiz ki\u015filerin gizli bilgilere eri\u015fimi oldu\u011funu ortaya \u00e7\u0131karabilir. Bu durum da, yine para cezas\u0131yla sonu\u00e7lanabilir.<\/p>\n<p>Eski \u00e7al\u0131\u015fanlar\u0131n\u0131zla yollar\u0131n\u0131z\u0131 iyi bir \u015fekilde ay\u0131rd\u0131\u011f\u0131n\u0131zdan emin olsan\u0131z bile, bu, tehlikede olmad\u0131\u011f\u0131n\u0131z anlam\u0131na gelmez. Eski \u00e7al\u0131\u015fanlar\u0131n\u0131z\u0131n, sald\u0131rganlar\u0131n kaba kuvvet uygulayabilecekleri veya hi\u00e7 alakas\u0131 olmayan bir veri s\u0131z\u0131nt\u0131s\u0131yla kar\u015f\u0131la\u015fabilecekleri i\u015fletme sistemlerine eri\u015fmek i\u00e7in zay\u0131f veya benzersiz olmayan bir parola kullanmad\u0131klar\u0131n\u0131n garantisini kim verebilir? \u0130ster ortak \u00e7al\u0131\u015fma ortam\u0131, ister i\u015f e-postas\u0131 veya sanal makine, bir sisteme fazladan bir ki\u015finin eri\u015fimi, sald\u0131r\u0131 ihtimalini art\u0131r\u0131r. \u00c7al\u0131\u015fanlar aras\u0131nda ge\u00e7en i\u015fle ilgili olmayan konular hakk\u0131ndaki basit bir sohbet bile sosyal m\u00fchendislik sald\u0131r\u0131lar\u0131nda kullan\u0131labilir.<\/p>\n<h2>Riskler nas\u0131l en aza indirilir<\/h2>\n<p>Eski \u00e7al\u0131\u015fanlar\u0131n hesaplar\u0131n\u0131 kullanarak yap\u0131lan veri s\u0131z\u0131nt\u0131lar\u0131na y\u00f6nelik al\u0131nan \u00f6nlemlerin bir\u00e7o\u011fu kurumsal \u00e7apta ger\u00e7ekle\u015ftirilir. Bu y\u00fczden, \u00f6nerimiz:<\/p>\n<ul>\n<li>\u00d6nemli kurumsal verilere eri\u015febilen ki\u015fi say\u0131s\u0131n\u0131 en aza indirin.<\/li>\n<li>E-posta, payla\u015f\u0131lan klas\u00f6rler ve \u00e7evrimi\u00e7i belgeler dahil kurumsal kaynaklar i\u00e7in s\u0131k\u0131 eri\u015fim politikalar\u0131 belirleyin.<\/li>\n<li>S\u0131k\u0131 bir eri\u015fim g\u00fcnl\u00fc\u011f\u00fc tutmak. Kimin nereye eri\u015fti\u011finin kayd\u0131n\u0131 tutun. \u00c7al\u0131\u015fan\u0131n \u015firketten ayr\u0131lmas\u0131 durumunda, vakit kaybetmeden eri\u015fimi kald\u0131r\u0131n.<\/li>\n<li>Parola olu\u015fturma ve parola de\u011fi\u015fimi i\u00e7in anla\u015f\u0131l\u0131r, net y\u00f6nergeler olu\u015fturun.<\/li>\n<li>\u00c7al\u0131\u015fanlar\u0131n\u0131za d\u00fczenli <a href=\"https:\/\/www.kaspersky.com.tr\/enterprise-security\/security-awareness?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____ksa___\" target=\"_blank\" rel=\"noopener\">siber g\u00fcvenlik bilinci e\u011fitimi<\/a> sa\u011flay\u0131n.<\/li>\n<\/ul>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kasap\">\n","protected":false},"excerpt":{"rendered":"<p>Eski \u00e7al\u0131\u015fanlar\u0131n\u0131z\u0131n kurumsal verilere veya sistemlere eri\u015fimi olmad\u0131\u011f\u0131ndan emin misiniz?<\/p>\n","protected":false},"author":2581,"featured_media":11066,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1194,1727,1351],"tags":[667,1271,1243],"class_list":{"0":"post-11065","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"category-threats","10":"tag-arastirma","11":"tag-calisanlar","12":"tag-erisim"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/ex-employees-access\/11065\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/ex-employees-access\/24670\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/ex-employees-access\/20137\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/ex-employees-access\/27123\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/ex-employees-access\/25004\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/ex-employees-access\/25348\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/ex-employees-access\/27747\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/ex-employees-access\/45684\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/ex-employees-access\/19533\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/ex-employees-access\/20105\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/ex-employees-access\/29341\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/ex-employees-access\/32629\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/ex-employees-access\/31064\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/ex-employees-access\/30773\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/erisim\/","name":"eri\u015fim"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11065","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=11065"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11065\/revisions"}],"predecessor-version":[{"id":11069,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11065\/revisions\/11069"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/11066"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=11065"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=11065"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=11065"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}