From Sony to Home Depot, no business seems to be immune from data breaches. However what many companies don’t realize is that an insider data breach poses a much greater risk, and in some cases, it’s the reason why these larger incidents happen.
In 2014, 50% of enterprises were using some type of data loss prevention (DLP) solution. However, these DLP solutions can only do so much — and sometimes they even hinder employee productivity. They can stop specific actions taken by employees on a particular network, but they can’t identify trends in suspicious behavior.
A more effective approach involves taking a closer look at user behavior. User behavior often provides context to activities that are flagged by network monitoring technologies and endpoint monitoring, making them more effective at catching potential threats.
Here are a few users you’ll want to be especially wary of:
The Rule Breaker
They’re the CEO or the “higher up” who doesn’t understand IT security. If they did, they wouldn’t be strong-arming your IT department into fulfilling their latest demand. They wouldn’t be asking to use a jail-broken device on your network or asking to forego a tedious, but necessary sign-in process. Because they’d already know that doing so not only breaks company policy, it puts your data at risk.
The most important thing to the doer is getting the job done. And nothing is going to stand in the way of that — not even your company’s security policies. They’ll store their data on personal devices, use unauthorized cloud platforms to send data files and use free WiFi while they’re traveling. What they don’t realize is their convenient work-arounds could be exposing your company to potential threats.
The rogue is really the only one on this list who has bad intentions. They usually take the form of a disgruntled employee or a former employee. They’re the IT guy (or gal) who quit and left your IT systems in shambles as a going away present. They’re the salesperson who took all of your clients with them. Or maybe they’re working for you right now, and selling your trade secrets for some extra cash. Will your network pick up on the signals before it’s too late?
The newbie just got a new set of keys to your computer network and they’re ready to take it for a drive. Unfortunately, you gave them an all-access pass, instead of restricted access. So, they took it upon themselves to check out all the places where people store their files and oops, they actually deleted a few by mistake. Hopefully, you have backup.
Like the newbie, the goof doesn’t have any bad intentions — they just don’t really know what’s going on. If there’s a phishing scam going on, they’ll fall for it. If they’re shopping online, they’ll give their credit card to an illegitimate site, if someone tries to slip into the office behind them without a security card, they’ll hold the door for them. The goof doesn’t mean it — really, they don’t — but he or she will continue to pose a significant threat, if your company doesn’t take the time to educate them on its security policies.
The Solution? Finding the Right Partner
The right partner to help you combat an insider security threat is a trusted advisor, an IT guardian, a data protector. Someone who specializes in one thing and one thing only — your company’s security. To reach one of these security specialists, you only have to make one call. The number is 1-800-882-9919 and the company is, of course, UDT.
From 24/7 proactive monitoring, intrusion detection and protection, to customized alerting, reporting and employee training, UDT’s IT Managed Services offering takes a comprehensive approach to managing insider threats. Contact us to learn more.