Internal Threats and Data Security
Internal Threats are Viable and Dangerous
System security is a complicated network of programs and safeguards designed to keep your information safe. From antivirus to physically isolating the main data storage, a variety of steps can be taken both to prevent any breaches of security and to recover from any losses. However, one highly variable and dangerous point is still necessary and cannot be overstated as a risk. Human interaction. Without people to operate the systems, and experts to become mediums between the databases and consumers, a business cannot function for long- if at all. Thus, people are needed to work both with and for the company. However, social interaction and too many variables to count can affect each individual in a myriad of ways. The number of ways a person can breach security is staggering. Multiply that by every person in a company, and you have too many risks to count. This threat from within the company, an insider threat, represents both the largest risk, and the most preventable possible.
According to the government, theft of intellectual property has exceeded $250 billion a year. A disturbingly large percentage of that was because of insider threats. Most companies are focused heavily upon external threats like hackers or malware, and so few are considering insider threats. Humans are social creatures, and thrive on acceptance and trust. The inherent mistrust of security can be off-putting, but in some cases businesses need to pay attention to the phrase “Trust, but Verify.” Increased security and responsibility creates authority and reduces access to sensitive information. In most cases, companies believe that increased security measures means less attention can be given to those assets. The reverse could not be truer. If something is sensitive, regardless of security measures, monitoring is always advisable.
The Least Suspected Culprit
Reports have been made indicating insiders are often involved in theft of intellectual property. Insider thieves are often those in technical positions, making them experts at how the system monitors and safeguards information. This makes the individual the ideal candidate for circumventing that security with a minimum of detection. These individuals often already have a new employer, and the statistics show a disturbing trend.
1 in 5 were recruited not for the individual, but the data they could obtain. A quarter of those were known to give sensitive information to a rival company or country, with more than half taking that information within a month of leaving. Nearly three-quarters of those thefts occurred with people that were authorized to have that information. Over half of the thefts were trade secrets, but other types of information are also at risk. Billing information, price listings, administrative data, source code for programs, full proprietary software, consumer information, and business plans are all viable for theft and can be sold to others. The breaches are most often discovered my non-technical personnel rather than other experts.
Despite all these distressing statistics, insider threats are not without warning. Often, key changes in behavior can warn a company of impending issues. If an associate has drastic changes in their psychological predispositions, stressful events in their lives, or other monumental changes, it can make them far more likely to become a threat. Professional setbacks are also possible triggers for this threat. Behaviors that suddenly change can also be a key indicator, as they mean something else will change as well. The essence of “Trust but Verify” is to value your employees, and trust that the faith and training put in them is well-placed. However, blind trust can leave you vulnerable, and a confirmation that all is well is always preferable to assuming and not catching a risk.
To prevent a loss from insider threats, follow a few basic guidelines. For most employment, a series of checks are required to pass before access is granted. Background checks, basic tests for compatibility, and similar non-invasive measures are common in the job market. Ensuring that these are used regularly can help remove any likely threats before the opportunity even arises. Once a part of your workforce, a continuous evaluation process is wise. Using various measures such as credit checks or various reporting measures can monitor the behavior and professional pulse of an individual. One very effective method is an anonymous reporting program. This would allow peers to report suspicious behavior without fear of identification. Such is far preferable as a warning before than regret after a problem arises.
Lock Down Data Escaping
Data is not all equal, and understanding what information is most valuable can help you to prioritize and secure information or systems accordingly. Using appropriate safeguards is far more than a legal concern. Understanding what information your company can afford to lose, and what cannot be breached can give you presence of mind of where to concentrate security. Several services exist that offer monitoring of your information. Knowing how and where information is accessed can give you an idea of nominal behavior both for programs in the system, and individuals using it. Once you understand how the information is being used, then you can be aware of changes in that behavior. Being aware of a problem can be as simple as unusual requests for data or doing so at odd times.
Data has two ways of leaving a company. One is through software, networked systems or corporate email servers. That can easily be blocked using software. The other is physically, and such is easily confronted with something as simple as a security guard checking bags. Restrict access to discs or USB drives can also limit the available methods of theft. Even printers or copiers can be limited so certain files will not create a hard copy.