Take These Steps to Protect Against Insider Threats
Your biggest IT problem may be a personnel problem. We’re not talking about a shortage of skilled staff to keep your systems running, though that’s a big issue and an important reason to consider hiring IT consultants.
No, we’re talking about the insider threats to your information security. Studies show that more than three quarters of breaches are caused by insiders, whether through malicious actions or by accident.
Insiders Aren’t Just the Employees In Your Offices
The nature of today’s workforce adds to the challenge. The days of long-time, trusted employees who started directly out of college and remain until retirement are long gone. Employees no longer expect life-long careers at a single company and frequently move on after a year or two. Many of your insiders today aren’t even employees; they’re contractors who may work from remote offices where you never even see them. Your employees work remotely too, sometimes from insecure locations like airport lounges or coffee shops.
Data Today Is More Valuable and More Tempting
The rise of big data means there’s more data available to be stolen or accidentally exposed. Cloud is generally secure, when it’s managed with proper oversight, but employees often use file sharing services that offer convenience but lack security. There’s a big dark market for stolen data, and hackers can be persistent and clever with spear phishing attempts to trick them into exposing login credentials or other sensitive data.
Process and Technology Can Help Protect You
You can use technology and implement business processes that help protect you from both accidental and deliberate exposure of secret information by employees.
- Automate account deletion. Make closing out departing employees’ accounts a one-step operation by automating the process. You can use mobile device management, identity management, and security tools that rely on Microsoft Active Directory to force deletions to flow automatically; all you need to do is deactivate the Active Directory account. For contractors and other temporary employees, set expiration dates on their accounts.
- Use single-sign on everywhere. In order to make that first step possible, use single-sign on everywhere you can, including cloud services. The fewer identities users have, the less likely you’ll miss deleting one of them when they leave the company.
- Use role-based privileges. If you limit users’ access, you limit the data they can potentially expose. Define privileges based on roles, rather than granting a grab bag of individual privileges.
- Do frequent audits. Technology can fail. Don’t blindly trust your automated processes. Conduct reviews at least annually to ensure that all former employees’ access was deleted. Also review the roles and privileges of current employees to make sure they’re appropriate for their current responsibilities; it’s easy to forget to delete old privileges after an employee transitions to a new position. In addition to reviewing accounts and privileges, review user actions to identify any suspicious behaviors that can indicate theft of data. Behavior analytics can reports users who deviate from their usual access patterns.
- Teach employees safe computing practices. Most data exposure by insiders is accidental, not deliberate. Teach employees how to recognize phishing emails and other safe computing practices. Repeat the training annually as a refresher and to point out new threats.
Employees can be your biggest asset as well as your biggest threat. Prescient Solutions team of certified security experts works with businesses in the Chicago and Schaumburg area to establish comprehensive security solutions that protect against insider and outsider threats, along with other IT solutions that empower employees to drive your business forward. Contact us to learn how to improve your information security and your information technology.