Threats behind defenses- your greatest weaknesses are already inside

Threats behind defenses- your greatest weaknesses are already inside

When attempting to secure your information, the viability of each individual threat must be met appropriately. You cannot afford a complete lockdown of all information, as that can cripple any infrastructure. Instead, you need to work to address the threats with due diligence. As you cannot be sure how you will be attacked, you instead learn to defend in a general sense, and then prioritize your information. The bill for your coffee in the break room is nowhere near as important as customer invoices. Those are nothing compared to the personal information of the managerial team. So, the right steps are taken for defense, and further steps taken based on the level of security needed. You as a business owner or employee take steps to isolate your data storage both physically and electronically. Transmission of information is encrypted or even kept within a closed network whenever possible. Access is restricted to specific people or possibly even only approved endpoints identified by the system. However, you have a significant problem that cannot be completely mitigated.

Risks of Insiders

Employees are, as cliché as it sounds, unique. Each one has different motivations and influences. Some will become disruptive, and others can become dangerous. Employees already inside your business and systems are able to reach confidential information and use it against you, or provide it to competitors. Understanding the nature of an insider threat can help you prepare for that sort of challenge. While the largest risk, it is also something you can be ready to handle, possibly even prevent. According to the government, intellectual property theft has exceeded $250 Billion a year. A majority of those losses were from insider threats. Most security measures are to isolate and restrict information, but companies often make the assumption that keeping information in-house is enough to keep it safe. Such is not always true.

Insiders are quite often involved in the theft of intellectual property. Those that engage in such are often in technical positions, the perfect experts to obtain information. Individuals hired for their expertise to construct company infrastructure become the ones able to most easily bypass security measures. Those that steal information often already have a new employer ready, occasionally the very one they are stealing for. About one in five recruits for such companies are done so precisely for this reason. A quarter of those were known to give information to rivals of their current employer or even country with more than half doing this within a month of their departure. Nearly three-quarters of the thefts were done by those authorized to have the information to begin with. Over half of the secrets stolen were trade secrets, but any valuable information is a target. Source code for programs or full proprietary software, consumer or billing information, business plans and information, all are viable sources of theft. Most often, the theft is not detected until far later by somebody non-technical noticing something off.

The greatest preventative measure against an insider threat is attention. Getting to know your team, and managers knowing their people can be a great asset. Not only for cooperation among workers, but as a way of knowing when something is going on. “Trust but Verify” is a common phrase. Those that have earned security clearance can have situations change, and their behavior changes with it. Drastic changes in lives can inspire the need and vulnerability insider threats become. Psychological predispositions, stressful events in their lives, or other monumental changes can make them far more likely to become a threat. Professional setbacks are also possible triggers for this threat. Behaviors that suddenly change can also be a key indicator, as they mean something else will change as well.

Prevent data loss

Understanding how to prioritize information’s value is essential for effective security. As a business owner or operator, you need to understand what information your company can afford to lose, and what must not be breached. The former can be protected, but the latter must be heavily reinforced against loss. The more sensitive the information, the more it must be understood on the use of it. Learning how and when it is accessed is a beginning, but knowing normal behavior is even better. Be aware of programs, people, and devices that are able to access information is better when you know normal behaviors of access. When something, even an authorized endpoint, begins to act abnormally, that is a warning you must be aware of and ready to take advantage of.

Data has two ways of leaving your security. First is through software, using a network of systems or emails. Devices can access wirelessly and prove another way to reach your information even when not physically within the area. Be aware of how far your company wifi reaches. Using preventative programs can restrict access as well to monitor the system. Also be aware of the devices that access systems publicly. A printer, for instance, keeps a temporary copy of the items it has printed recently. Those can be reprinted, or even have the memory physically taken and none are the wiser until it is too late. The other way is physically. Be ready to search individuals for small items like thumb drives or other storage devices. Memory storage capability has advanced magnificently in recent years, making more and more information able to be transported on smaller devices. Ranging from phones to drives or even a portable hard drive, checking a pocket or briefcase can save anywhere from a couple megabytes to petabytes of information.

Recent Posts