Risk Management Strategy for Insider Threats

Did you know a recent Intel Security study on data theft found that insiders are responsible for 43 percent of all data loss?

According to the study, 40% of data is stolen using physical media such as laptops, tablets and USB drives, and mobile phones were used for 15% of data thefts. Sixty percent of data stolen electronically was taken through FTP, tunneling protocols or email, although instant messaging, VoIP, peer-to-peer sharing and other forms were also used.

With this information in mind, it’s important that all IT professionals put a strategy in place to manage insider threats before a crisis occurs. Below we’ll walk through three ways you can start protecting data at your company.

1. Educate Employees on Data Ownership

For years IT security professionals focused on external threats to internal data, but we know now that insider threats pose an equally serious problem. Internal data breaches may not always be malicious (although they can be). For example, something as simple as an employee with privileged access using a weak password can present a threat.

Educating employees on proper protocol, especially those with high levels of security access, is important for keeping your data safe. At the same time, it’s up to IT to manage risk to avoid a breach at all costs.

Having computer monitoring software in place that can alert you to suspicious activity is one way to manage internal risks. If a user suddenly tries to email a confidential file or download a large amount of information, you can be alerted in real time to stop a potential data theft in its tracks.

In some cases the employee may not be acting maliciously, but it’s still important for you to know what is being done. Being alerted presents an opportunity to educate the employee on why what he or she is doing is not acceptable.

2. Control Which Tools Employees Use to Share Files

A study produced by Symantec and the Ponemon Institute found that nearly half of all employees surveyed “regularly emailed business documents to their personal accounts, a third confessed to moving work documents to unapproved file sharing apps and 40 percent stashed work files on their mobile devices.”

As the workforce becomes increasingly mobile, the number of employees moving files between devices will only increase.

It’s very important that IT security managers have a written policy in place dictating:

  • What type of files can be shared between devices
  • Which apps are approved for file sharing
  • What to do with a shared file once it’s no longer needed
  • Which devices can be used for sharing files

Employees who want or need to access files remotely should be given company-owned devices with appropriate security settings in place to complete their work. They should be given access to company-approved file sharing accounts, and they should be told how to properly dispose of files once they are done with them.

For instance, your policy might detail that confidential files are not to be shared via email under any circumstances, whereas sensitive but not-quite-confidential files can be shared via email, but the email and all attachments must be deleted from any mobile devices as soon as the files are no longer needed. This reduces your risk of having sensitive data fall into the wrong hands if an employee misplaces their smartphone or laptop.

3. Have an HR Policy in Place for Dealing with Insider Threats

In many companies, a strong partnership between the IT department and the HR department just isn’t the norm. When it comes to putting together a risk management strategy for detecting insider threats, having the HR team on your side is vitally important.

While your IT department has the expertise necessary for setting the rules for keeping data secure, it’s the HR department that has the expertise necessary for handling the human aspect of employee breaches.

Computer monitoring software like Employee Monitoring can provide the IT department with real-time alerts for employee misconduct while at the same time recording the screen of the employee. This provides evidence for your HR team when it comes to taking disciplinary action. The video recordings also act as HD evidence if compliance protocol is breached.

Keep Your Data Safe to Avoid a $3.5 Million Penalty

The latest research shows that the average data breach will set a company back $3.5 million. If you don’t have that kind of surplus tucked away in your IT department’s budget, consider spending on software like Employee Monitoring that will help you detect insider threats before a crisis occurs.


© Pilixo. All Rights Reserved