Authorised Insiders are Surprising Data Threats

In a recent survey, Ponemon Institute revealed that in over 72% of reviewed organizations, management was unable to restrain and handle employees’ means of approach to classified documents and files. This is perhaps an insight into how persistent data infringements continue to arise from escalated concessions given to insiders.

Another area of concern to corporate boards and senior management is how most organizations have no clue on the location of its mission-critical data stored in the corporate network, which individual or department has the right of access to it and what they are doing with that data.

Ideally, organizations must deploy Digital Rights Management (DRM) solutions as the first step. Additionally, they must be watchful in exercising and executing security policies as well as understanding where the organisation’s most valuable data is stored at all times.

In the same survey, over 600 IT security executives were questioned on the familiarity of their directors or management’s approach to safeguarding classified information, documents, PDFs and data files against hackers. It was seen that every organisation survey employed some form of document or file level security tools. The security measures used were to safeguard copyright information, merger and acquisition information, classified business data, trade secrets, new product/service information, financial data and the like.

In spite of security tools employed at the organisation, the report revealed that biggest threat was seen from company insiders. Some of the primary reasons for information breaches suffered by organisations were due to reckless employee behaviour or lost/stolen devices containing confidential information. More than half the respondents of the survey revealed that their organisations were efficient in avoiding data infringement from external parties and hackers, yet they were less than confident in avoiding the data breaches from unintentional/intentional use by employees.

The report concluded that there is a need for higher security hygiene, including training employees as well as consequences for irresponsible or malicious behaviour towards data leakage. Every employee who has access to data must be advised on ways to safeguard their access to the information. There is also a great need for organisations to lock down classified information, intellectual property and confidential data that is not be accessed by anyone, other than those necessary.

While cyber criminals, ransomware and malware attacks have been making headlines of late, regulators are continuing to target specific entities such as the healthcare industry and their partners or associates so they do not misjudge the grave security and privacy hazards posed by insiders.  According to a cyber awareness alert, released by the Department Of Health And Human Services Office For Civil Rights, ‘Do You Know Who Your Employees Are?’ the bulletin urges organisations to closely assess the hazards that their employees could produce.

Additional alerts from enforcement agencies further drive home the point that insider threats are becoming one of the largest threats to businesses worldwide and insiders could drive some cyber-attacks. However, not all attacks due to insiders are deliberate or malicious; but nevertheless, the impact of these attacks can be detrimental to a covered entity and their partners and could have massive negative reverberations on the confidentiality, integrity and accessibility of its online safeguarded data.

In fact, insiders have breached Electronic Protected Health Information (ePHI) in recent times. The reasons behind these breaches vary from employee errors – like opening a phishing email that contained a Trojan or being duped by tricks that cause permitted users to hand over their credentials to cyber-terrorists – to malicious occurrences causing employees to commit identity theft, embezzlement or other offences.

For instance, a large cyber-attack, like the one at Anthem Inc., affected nearly 80 million people, and was believed to have started with a phishing attack on the staff of the health programme.

Some steps that could help protect organisations from insider threats include:

• Enforce stringent policies and practices on employee login and account management
• Carry out the division of duties and provide only minimal privilege
• Determine security contracts or settlements for any cloud services, particularly access limitations and surveillance capabilities
• Initiate rigorous access controls and supervision practices on privileged users
• Employ a security information and data management system to record, oversee and inspect actions on secured data files and pdfs
• Track and supervise remote access from all ends, including handheld and smart devices.

A critical step in avoiding and discovering data breaches from insiders is to recognise the threat. Social engineering testing of how employees or insiders access information and security awareness training can help in identifying weaknesses and preventing data breaches.

Author Bio:

Karishma, full time content writer content writer by profession.  She loves reading books, travelling and eating continental foods. Currently, she is associated with Locklizard, a software company provides digital rights management security software.