Hacker, Researcher and Author.

How To Deal With Insider Threats?


The biggest threats to IT security don’t originate from outside a company. Employees, contractors, and business partners on the inside pose a far greater security risk. As long as your current or former staff and associates have access to your internal network, you are vulnerable to a security breach.

Here’s how to deal with the real and significant threat of attack from insiders, and avoid the widespread damage they can unleash on your company’s finances and reputation.

First: Assess the Risk

For most firms, implementing full protection against every possible threat is not feasible. It makes more sense to assess the risk, determining which data is critical and which is relatively unimportant. Protect critical resources first.

Next, decide who needs access to the network. Make sure that individuals such as partners, suppliers and contractors have access only to the information they need to serve your company or customers.

The third step in assessing risk is determining who are the potential threats, why they would want access to the network, and how they could gain entry. At this stage, many organizations only consider external threats: competitors, random hackers or former employees. Don’t neglect analyzing your insider threats, as well – including the staffers tasked with protecting the system.

Once you’ve uncovered vulnerabilities, you can take steps to prevent an insider attack.

Implement Preventative Measures

Among the best practices for preventing insider threats are:
  • Institute clear policies and controls; be sure all employees are aware of acceptable network use and what constitutes a breach.
  • Enforce policies consistently; maintain proper paper trails.
  • Implement security awareness training; reinforce its importance.
  • Segregate duties to reduce risk.
  • Encourage employees to come forward and identify suspicious behavior, malicious insiders, threats against the company or attempts at exploitation.
  • Implement proper system administration safeguards on critical servers.
  • Monitor trusted users.
  • Audit access to customer information.
In addition, you’ll want all the usual technical protection against spyware, malware and viruses, firewalls, and regular security patches. Consider securing the physical space as well, with entry and exit controls and badges to monitor employees, delivery people and visitors. You want to hire security personnel to discourage criminal activity.

Finally, Know Whom You’re Hiring

Failing to thoroughly check out a potential hire leaves a company vulnerable to insider threats. It goes without saying that thorough background checks are necessary for any prospective new employee who will have access to sensitive information, from customer credit card numbers to crucial application source codes. But for better protection, extend that practice to all employees and contractors.

Background checks should include a criminal history report, a credentials check and a credit check. Hiring managers should verify past employment and speak to former employers regarding the applicant’s history of dealing with workplace issues. Any information gathered should be part of the decision-making process.

Monitor Employee Behavior

Once an employee is hired, be sure supervisors are tasked with reporting any strange or inappropriate behavior. Compare such incidents to systems logs to determine if anything unusual is happening. And remember to enforce all security policies. If employees learn they can get away with small violations, they may be emboldened to move on to bigger and more lucrative security breaches.

Be Aware and Vigilant When Dealing With Insider Threats

Whether they modify data, steal critical codes, sell company secrets or commit payroll fraud, insiders are the biggest security threats a company will face. While there is always an element of risk, you can decrease information system vulnerability with these common sense steps. Most importantly, by being aware and vigilant, you’ll be better prepared to avoid the losses that far too many organizations suffer at the hands of trusted insiders.

As more companies move more of their businesses online we should expect to see more threats. Formal IT security training can help defend against these threats. Consider Villanova University’s online programs such as their CISSP certification prep courses

1 comment:

  1. okay, I have an insider on a home network that has hacked into my account and also my two son's accounts, and is dumping files on all our computers. A lot of them are pornography sites. My two boys are 12 and 14, and this is setting them up in the worst way possible. I have had to change my email passwords on a daily basis. PLEASE tell me what I can do to stop this rogue administrator. I have recognized a lot of the programming and app names you have listed in your articles because I see them on this rogue admin's computer. He thinks I am pretty stupid, and can't figure this stuff out. I am controlled by what this admin will let me surf the web for. He disconnected the Norton antivirus program I had set up on my 12 year old's laptop. I even bought a new Mac and stashed it at my neighbor's house and used it there. That was before I heard about neighbor discovery abilities. I have had my router changed out twice in two days. HELP

    ReplyDelete

© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form

Name

Email *

Message *

Powered by Blogger.