Data Theft

Most organisations spend a great deal of money and effort securing their systems against intruders. Passwords, security alarms and video surveillance are all part of the tools used to protect computer systems and the data they contain. However, most unauthorised data access is not by outsiders, but instead by trusted employees.
A worker may not feel there is anything wrong in looking up confidential details to help out a friend or co-worker. An underpaid worker may sell this data to make extra cash. An angry or disgruntled employee may take revenge through distributing copies of private and personal details.
These types of unauthorised accesses are the most difficult to prevent.

Electronic commerce (e-commerce), which usually involves purchasing goods on credit over the Internet, has been a major security issue. Most web sites that use e-commerce now use very secure systems to allow customers to safely enter their credit card details. The card details are encrypted, and only decrypted when reaching the target web server.
However, some e-commerce systems store their private documents in standard text files and other unsecured documents on their web server. This is the same as using an armoured car to take your cash to the bank, and then letting the teller leave the cash on the counter overnight. Anyone who wanted to steal these documents could simply copy the unsecured documents straight from the web server.