[BreachExchange] Is your company equipped to handle insider threats? Educate & monitor
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Feb 14 19:34:18 EST 2017
https://www.scmagazineuk.com/is-your-company-equipped-to-
handle-insider-threats-educate-monitor/article/634532/
When it comes to data breaches, insiders can be riskier than outsiders,
even when they aren't maliciously targeting your company. Since insider
threats are responsible for 43 percent of data breaches, it is important
for business owners to take the necessary steps to reduce the likelihood
that an employee will be responsible for a cyber-security incident.
Control employee access to sensitive data
In 2015, unauthorised access was the leading cause of cyber-security
incidents in the healthcare industry. While it doesn't stop authorised
employees from using and abusing the privilege, controlling access does
limit the number of people who have access to sensitive data. Employees may
also be less likely to attempt to engage in data theft if they are aware
that you can quickly narrow it down to a handful of staff members who could
be responsible for any breaches.
There are several types of privileged accounts, so you can provide access
on various levels. From domain accounts that allow employees administrative
access for all workstations to local accounts that only provide
single-serve access; you should assign different privileges to different
staff. Every few months you should review the employees and their access.
This will help you determine if there is anyone on staff who has access to
sensitive data if they no longer need it.
Should an employee leave your team, wait two weeks before ensuring that all
their work accounts are deleted and that their privileged access is
revoked. Their email inbox should be reassigned to a manager, who can reply
to emails on their behalf until a new employee is hired.
Ensure your staff members are properly trained
A significant portion of cyber-attacks are a result of negligent employee
behaviour.Some staff behind cyber-attacks are not acting on malicious
motivations; instead, they are responsible for cyber-security incidents due
to a failure to practice safe online security measures. Online security
training should teach your staff how to:
·Utilise Anti-virus and Anti-malware Software: Staff should be trained to
manage anti-virus and anti-malware software. It is important that they too
run scans regularly and know how to proceed when malicious software is
found.
Maximise Password Security: Everyone in your office should use secure
passwords that contain a mix of lowercase letters, capitals, symbols and
numbers, and ensure that all passwords are different for every account that
they hold.
Get Rid of Unnecessary Information: Establish protocols that inform staff
members when they should dispose of information that is no longer necessary
for your business.
Keep an eye on your staff
Monitoring software allows you to keep a close eye on your network, so you
can see when sensitive data is being accessed and by whom. There is a wide
range of options when it comes to network monitoring software. When
choosing the right solution for your business, there are several factors
that business owners should consider when choosing network-monitoring
software, such as:
Scope: Do you need the solution at a single location or multiple locations?
Will it be needed to monitor services as well as other network devices? You
may also want to monitor remote sites and virtual environments.
Scalability: Consider your business development plans for the next few
years. It is important that your monitoring software will be able to handle
your company's technology as it develops and as your company grows.
On- or off-premises management: To enforce more specific policies with a
more granular control approach, it is best to manage monitoring onsite
while small businesses would be best suited for third-party monitoring
options.
Remember – monitoring employees does not mean you must micromanage your
team or invade their privacy. You can successfully keep a close eye on your
staff's activities by engaging in the best practices for monitoring
workplace activity:
Avoid placing monitoring devices in non-work areas, such as a washroom or
locker rooms.
Be consistent so it does not appear that you are selectively monitoring
employees.
Get legal advice before implementing a monitoring programme.
The key to preventing cyber-attacks caused by insider threats is keeping
your staff educated while practicing strict controls and monitoring. You
can certainly cut down on the likelihood of insider data breaches by being
diligent to keep your company's sensitive information and employees safe.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170214/6f4ec894/attachment.html>
More information about the BreachExchange
mailing list