Shrinking the elephant in the room.

Author: Benjes, Dietrich

When it comes to information security, the notion of the insider threat is increasingly rearing its head. The sensational idea that immediately springs to mind is corporate espionage: competitors going incognito, or rogue employees stealing information. Though this certainly does happen, the reality of most insider threats is far less thrilling, yet just as serious. It's the great big elephant in the room: employee misjudgement. Sure, you may run training courses, teach staff how to spot a phishing email and run awareness programmes, but mistakes are made (we're all human, after all). In fact, according to the 2014 DBIR, the majority (60%) of insider incidents were not malicious but down to employee mistakes, which can leave an organisation footing bills of $800k on average. A common example is the 'copy and pasters' of the world: employees who, in trying to make life easier for themselves, inadvertently leave private or sensitive data dotted about the corporate network, just waiting to be found.

And even when it goes a little deeper, say an employee snooping around an area of the network they shouldn't, without any malicious intent, there is a sharper point: if they could see that data from their user account, then an attacker who compromises that account can see it too. While human nature biases us towards fearing the more dramatic risks, in truth the frequent, mundane threats that stare us in the face every day will be the ones that take us down. So it's time to shrink the elephant in the room. Here are five tips organisations can implement to help take the emphasis off employees and put it on something easier to control: the data.


Global access is a big, blunt weapon that should not be used except for information that is 100% public. Many systems give the option to grant global access to information via a special group, such as the "Everyone" or "Authenticated Users" groups in Windows. Bear in mind that "Authenticated Users" includes every account that can log on, compromised ones included, and a default "Domain Users" group is effectively the same thing. When organisations grant access via a global access group, they're effectively saying, "I don't care what happens to this data." It's not even unheard of to see global access applied to folders holding millions of credit card numbers, Social Security numbers and more. This is absurd. Seriously, stop using global access groups.
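As an added example (not code from the article or its author), the following PowerShell script walks a directory tree and reports every folder whose ACL grants an Allow entry to one of these global groups. The share path in `$Root` is an assumption; point it at whatever you want to audit.

```powershell
# Added example, not part of the article: report folders whose ACL grants
# access to a global group. $Root is an assumption; point it at the share
# or directory tree you want to audit.
param(
    [string]$Root = '\\fileserver\share'
)

# Well-known SIDs that mean "everyone", or close to it.
$GlobalSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-7'      = 'Anonymous Logon'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

function Test-GlobalSid {
    param([System.Security.Principal.SecurityIdentifier]$Sid)
    # Domain Users has RID 513 in every domain, so match on the trailing RID
    # rather than on one specific domain SID.
    return $GlobalSids.ContainsKey($Sid.Value) -or ($Sid.Value -match '-513$')
}

function Get-GlobalAccessAce {
    param([string]$Path)
    try {
        $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
    } catch {
        return   # access denied or unreadable ACL; skip the folder
    }
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        try {
            # Resolve the principal to its SID so we compare identities, not names.
            $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier])
        } catch {
            continue   # orphaned or untranslatable principal; not a global group
        }
        if (Test-GlobalSid $sid) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited   # if true, the fix belongs on the parent
            }
        }
    }
}

# Check the root itself, then every subfolder beneath it.
$findings = @(Get-GlobalAccessAce -Path $Root) +
    @(Get-ChildItem -LiteralPath $Root -Directory -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object { Get-GlobalAccessAce -Path $_.FullName })

$findings | Sort-Object Path | Format-Table -AutoSize
"{0} global-access ACE(s) found under {1}" -f $findings.Count, $Root
```

Two caveats when reading the output. An entry with `Inherited` set to true was not granted on that folder; it flows down from a parent, and removing it there clears every child at once. And the script matches only the well-known groups themselves: a custom group that happens to contain Domain Users is just as global, so a full audit also needs to expand group membership before declaring a folder clean.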


According to a recent study with the Ponemon Institute, four out of five IT pros say their organisations don't enforce a strict need-to-know data security model.

This means that, in most organisations...
