Posts

Want to Keep Your Organization Safe from Insider Threats? Watch Your C-Suite…

Want to Keep Your Organization Safe from Insider Threats? Watch Your C-Suite…These days, security professionals must be highly vigilant against the many threats that place their organizations at risk on a daily basis. And while hackers certainly show up high on the list, the truth of the matter is, it’s the people who work within your company that pose the greatest risk to data security. That’s why things like spear phishing have become such a successful method of entry. In fact, 80 percent of companies say that “end user carelessness” is the biggest security threat to their organization.

But the ones that are making your company most vulnerable to potential breaches aren’t poorly trained entry-level employees. It’s your senior level managers. Surprised? Many are. Yet, if you think about it, these individuals have access to information that is much more sensitive than that of the everyday employee. So, it stands to reason that the chance of an error resulting in a breach is naturally higher for this group.

And the numbers seem to support this theory. 58 percent of senior managers have accidentally sent sensitive information to the wrong person (compared to just 25 percent of workers overall). 51 percent have taken files with them after leaving a job – twice as many as office workers in general.

What are the biggest security risks these insiders pose? Most tend to fall within one or more of the following:

  • Reusing or sharing passwords with others
  • Leaving computers unattended outside of the workplace
  • Failing to delete data from computers once it’s no longer necessary
  • Carrying unnecessary sensitive data on a device (laptop, tablet, smartphone, etc.) while traveling
  • Using unsecured personal devices to process sensitive information
  • Failing to encrypt information when transmitting

So, what’s the solution? Well, the best approach should be multifaceted. Here’s a list of recommended actions:

  • Develop and establish a written security policy
  • Communicate that policy openly and regularly to ensure awareness across all levels of the company
  • Ensure appropriate access restriction to sensitive data (virtual and physical)
  • Conduct regular training to increase security awareness about what is and isn’t acceptable (start from the top!)

Last, but certainly not least, you should invest in available technology. This includes monitoring systems, alerting programs and automated cybersecurity incident response. These things will ensure that should an employee still make an error, it will be detected, addressed and remediated as quickly as possible.

Could your senior managers be placing your organization at risk? The time to act is now – before it’s too late! Start working on your strategy and download your free 30 day trial of Ayehu automation and orchestration platform.

eBook: 5 Reasons You Should Automate Cyber Security Incident Response

5 Common Insider Threats and How to Manage Them

5 Common Insider Threats and How to Manage ThemWhen we talk about security threats to the enterprise, the focus often centers on hackers and other external parties. In reality, the biggest danger to most organizations is the very users who work within. In fact, according to Gartner, more than 70% of unauthorized access to sensitive data is committed by a company’s own employees. The good news is enough research has been done to identify the five most common insider threats and, more importantly, what your organization can do to prevent and protect against them. Let’s take a look.

Problem: Sensitive Data Sharing via Email or IM

Along with the convenience of quick and/or instant electronic communications also comes the greater risk of confidential information being shared via one of these tools, like email or instant messaging. Thankfully, this is one of the easiest insider threats to manage and control.

Solution: Encrypt, Analyze and Filter

The easiest way to prevent sensitive data from being shared electronically is to ensure that all messages and the content contained within (including attachments) are properly encrypted. Additionally, you can set up a network analyzer and content filtering which will help to automatically identify and block any classified information from going out. Lastly, outsourced or perimeter-based messaging solutions often provide easy to manage content filtering and blocking, so know and take advantage of what’s available to you.

Problem: Remote Access Exploitation

One of the greatest benefits of today’s technology is the flexibility it affords to be able to access networks and internal systems from anywhere. Unfortunately, this same advancement can also prevent a whole new set of risks to the integrity and security of sensitive data. The ability to access information from off-site via remote access software like Citrix and GoToMyPC can make it easier and more tempting to steal and compromise that data. Furthermore, inadequately protected remote devices could end up in the wrong hands if they become lost or stolen.

Solution: Establish Stronger Remote Work Guidelines

Controlling who can access and share files and keeping a close watch on OS and application logins is critical. Implementing tighter security controls, particularly those systems that are most sensitive and therefore pose the greatest risk can provide a much greater degree of protection. Likewise, monitoring and limiting employee usage through logs and audit trails will also add another layer of security. Finally, establishing stronger password requirements, using multi-factor authentication and enabling screen saver timeouts can prevent unauthorized access issues.

Problem: Peer-to-Peer File Sharing

P2P sharing software is a great tool for fostering collaboration and improving efficiency amongst employees, but these platforms also pose a significant security risk. All it takes is one ill-intentioned individual to misconfigure the software and suddenly your internal network and drives are available for anyone to access.

Solution: Implement More Stringent P2P Policies

The best way to prevent against P2P software vulnerabilities is to not allow it within your organization. Implementing a network analyzer and routinely performing firewall audits will further strengthen your defense. For optimum protection, a P2P firewall is recommended. If you do happen to allow P2P software, a perimeter-based content monitoring solution can help keep sensitive information secure.

Problem: Insecure Wireless Network Usage

Accessing confidential data via unsecured wireless networks can potentially place your organization at risk, even if that insider threat is unintentional. If your employees work remotely and use WiFi or Bluetooth connections, all it takes is one breach of a file transfer or email communication for your valuable data to be compromised.

Solution: Provide a Safer Alternative

Rather than allowing employees to utilize airwaves that are not adequately secure, providing your WiFi users with a secure wireless hotspot is the ideal solution. Use a VPN  for remote connectivity and implement a personal firewall for an added layer of protection. Don’t forget internal wireless networks, either. Always use encryption, authentication and logging. If Bluetooth is not necessary, disable it or, at the very least, make your devices undiscoverable.

Problem: Participating in Discussions on External Boards or Blogs

Whether it’s posting a question on a message board for support purposes or commenting on a thought-provoking blog, employees could inadvertently put your sensitive information at risk without even realizing it.

Solution: Filter and monitor.

Filtering content at the network perimeter is the most effective way to identify and block sensitive data from being shared externally. Of course, as with everything else, there’s always a chance that encrypted transmissions could be missed and may end up on such sites. For best results, setting up a notification system, such as Google Alerts, which will let you know any time certain keywords (specified by you) are used on the web.

Ultimately, managing insider threats should be an important component of your overall cyber security incident response strategy. Implementing tools like automation can help further identify, address and remediate security incidents – including those caused by internal parties – so that damages can be mitigated.

Is your defense strong enough to keep sensitive data safe? Start your free trial of eyeShare today.





eBook: 5 Reasons You Should Automate Cyber Security Incident Response