Protecting Your Data from Within
When we hear about a data breach, the first thing that comes to mind is a hacker “breaking in” to a secure system in order to steal data. The fact is that most security breaches start from inside the workplace.
What Are the Threats to Your Data from Within?
You have to watch out for three different threats from inside any business organization:
- Ignorance – Malware enters the system because a naïve employee clicks a bogus email link or selects okay on a dialogue box that starts the download.
- Neglect – Some employees may know better but simply don’t care. For example, if allowed to, they may use company computers to surf shady sites that are known for harboring spyware and phishing schemes.
- Malicious – A rogue employee steals data to hurt the company—or perhaps for profit. There have been reports of hackers bribing employees to give out their login credentials.
Why Internal Threats Are Tough to Contain
You can’t constantly be looking over the shoulder of every employee. There are varying degrees of tech savvy in the workplace, and sometimes a quick course in avoiding scams isn’t enough to keep it from happening. Not all companies have sufficient checks in place to keep users from going to sites where malware is commonly downloaded. Also, user-developed passwords are often too simple, and many networks do not have any established rules in place to make employees select passwords that are difficult to guess.
What Can You Do?
Here are a few ways to counteract these internal security issues:
- Monitoring Access – You need to have something in place to monitor the activity of your users. Make sure that users have the permissions to access only the sites they need in order to do their job, rather than giving everyone full-system access.
- Monitoring Use – You need to be able to quickly detect the difference between normal system use and something sketchy. It can often be difficult to tell the difference between accidental and intentional misuse of the system, but something needs to be done either way.
- Fast Response – You need to have a game plan in place for when something goes wrong. You can’t shut down a user’s access every time someone does something different, but you also want to cut off access immediately if someone is actually trying to do damage—so there is a fine line.