09 Jun Beware the Criminal (or Idiot) Within
Every computing device in every home and business should employ basic security protocols. Virus and malware protection. Firewall. Encryption for sensitive data or business use of personal devices.
Any article on basic cybersecurity tips and advice inevitably focuses on habits to protect against external threats, which provides a necessary foundation. In that way, think of security as a moat, protecting assets from outsiders.
However, not all security threats come from outside. A company’s workers can be threats as well, in incidents ranging from accidents to negligence to malicious behavior. Taking the medieval analogy further, think of insiders like the envious nephew who plots to steal the crown or the inattentive servant who leaves a critical door open at the wrong time.
A recent survey of IT leaders showed that 78% think employees have accidentally put data at risk in the last 12 months, and 75% believe workers have risked data intentionally. When asked about the impact of a breach, 41% indicated financial data would be the greatest impact area. Four in 10 employees from the same survey said they had accidentally leaked data because of a phishing attack, and one-third said they had caused a breach by sending information to the wrong person.
According to a 2019 breach report, nearly one-half of all breaches were caused by malicious or criminal attacks. And attacks cost companies more to remediate than system glitches or human error/negligence, about $30 more per record.
Finally, most companies are reactive, rather than proactive, in their detection capabilities. Only 29% of organizations said they successfully prevented an attack through proactive discovery, but they were successful less than 10% of the time.
Any employee with network permissions can inadvertently delete or compromise data. Although this would be characterized as an accident, rather than malicious, the impact can be nearly as bad. Then there’s negligence. Sometimes employees violate security policies or best practices through well-intentioned, but harmful, actions or inattention.
Lastly, there are malicious insiders. The classic example is the fired employee who absconds with sensitive data to sell or who uses still-active login credentials to access and harm business accounts.
Single sign-on and multifactor authentication can go a long way toward keeping data safe. When properly configured, single sign-on validates authorized users to access company resources. If an employee quits or is terminated, deleting the sign-on cancels employee access to company systems.
Configuring single sign-on based on a user’s job title or area of authority can create additional barriers to protect company data. If you’re not in the Finance office, for example, you have no business being in general ledger files. If you are a manager, you may need more access to certain files than your direct reports.
Multifactor authentication takes security to the next level, requiring an additional step before allowing access to data.
Overwatch Technology can help businesses manage single sign-on and control data access. Even one incident can tarnish the reputation of a business and leave it open to federal, state or local scrutiny, depending on the industry.
Organizations should take insider threats into account when formulating security plans because any breach—regardless of the cause—is one too many.