Insider threats are not new; 37% of organizations experienced cybercrime involving an insider in 2014. Among all incidents, insiders posed the biggest threat to the intentional theft or exposure of confidential records (76%) and consumer records (71%). Although some of these issues are associated with deliberate acts, it’s usually unintentional behaviour or negligence - disabling encryption, losing a device - that pose the greatest risk.
In “The Risk of Internal Threats in the Mobile World,” an article I contributed to Mobile Enterprise, I explore the failure of many security tools to address internal threats, be they intentional or accidental, and how your organization can take steps to defend against internal threats.
Right now, most employees have access to sensitive corporate information without special security clearances. At the same time, most employees are able to connect with company data from any location using the mobile device of their choice. As you can see, this free flow of data outside of the corporate network is putting corporate information at risk - innocently or on purpose. Anti-virus, SSL protocols and encryption all help protect your organization from outside risks, but they’re meaningless against an insider who has the necessary passwords and credentials.
Risks associated with insiders require technology that constantly monitors the status of an endpoint, flagging suspicious activity when it’s detected. IT can use technology such as Absolute Data & Device Security (DDS) to track the location of a device, a user name change, if encryption has been disabled, if non-supported apps or programs or installed, if the device is altered or attempts are made to re-image it. This early warning system will allow the Security and IT teams to investigate and determine if additional action is required.
Alongside having a persistent connection to each device to act as your warning system, the article talks about the importance of employee training in preventing many unintentional data breaches.
A holistic approach to security will help your organization address both the internal and external risks that your organization faces. Read more about my thoughts on addressing internal threats here.