Most of the threats we try to protect networks from come from the outside. That’s why we use firewalls and other tools to keep intruders out. But those tools don’t do anything to protect us against threats from within. Trusting your employees is good, but ignoring the risks can be dangerous. Kapersky found that more than one third of all security incidents involved insiders.

Employees Expose Data Accidentally and Deliberately

Some employees will deliberately steal data or misuse corporate information systems to enrich themselves, avenge themselves, or engage in corporate espionage. By far the bigger risk comes from employees who accidentally expose data through carelessness. Many employees email confidential documents or upload them to the cloud for easier sharing, making them potentially accessible by unauthorized users. Employees may share passwords to make it easier to get work done but increasing risk.

Employees are also targeted by malicious actors through various phishing techniques. Spear phishing uses carefully targeted emails; in some cases, the emails purport to be from company higher-ups, leading dutiful employees to respond.

Identifying Insider Threats is Challenging

It can be hard to see something right under your nose, and the same is true for insider cybersecurity threats. It is difficult to distinguish authorized work or mistakes from malicious actions, especially if employees work to conceal their activities.

Ways to Protect Against Insider Threats

There are both business steps and technical steps you can take to protect against insider information security threats.

Start by making sure you’re hiring trustworthy people. Even if you don’t do a formal background check, Google the candidate and look at their Facebook and other social media posts for any questionable activities.

Then train your employees to help them understand the importance of adhering to information security procedures as well as how to recognize phishing attempts. This training should reach all employees, including senior executives.

Use roles to assign privileges, make sure roles are granted the fewest privileges needed to perform their function, and ensure you have a policy that reviews users’ permissions at least annually. Users’ permissions should be reviewed whenever they have a change of responsibilities. You should automatically revoke access rights when an employee is terminated or leaves the company.

Don’t allow shared accounts or password sharing. Make sure your password policies require strong passwords. Consider requiring 2-factor authentication, especially for remote access to systems.

Analytics can identify usage patterns that differ from the norm and can indicate unauthorized access. Pay special attention to monitoring privileged users and third parties like contractors and vendors who have access to your accounts. Make sure your BYOD policy places appropriate controls on employees who use their own devices to access your network.

Keep all your systems up to date with patches. Those security fixes close holes, making it harder for malicious actors—whether employees or external hackers—to get into systems they aren’t supposed to.

Get Help Implementing Effective Security

Prescient Solutions offers comprehensive cybersecurity services to Chicago-area businesses, organizations, and government agencies. Our certified professionals apply the latest knowledge and tools to help you define and implement effective policies and controls. Contact us to protect your systems against internal and external threats.

Additional Cybersecurity Resources

How Do You Protect Company Data On An Employee’s Cellphone?

7 Reasons It’s Hard to Get the Protection You Need from a Firewall

The 5 Don’ts of Bring Your Own Device Policies