- NG Firewall
Solutions by Industry
Solutions by Issue
Both the FBI and Verizon painted the perpetrators of insider threats as often being disgruntled employees with an ax to grind or rogue agents looking to help themselves or someone else. But, this doesn’t provide a full picture of the entire threat landscape. For one, employee error is also a common cause of data leaks.
Either way, robust training for all employees can help businesses better deal with this threat vector. Not only can additional employee know-how help prevent damaging accidents, but this knowledge can provide those on the ground with the tools and insights needed to stamp out data breaches brewing within their midsts.
Network monitoring is typically established to look at what’s trying to access the network, but it’s rarely used to see how traffic behind the firewall is behaving. Such a system can help root out anomalous activity, but it must be deployed in such a way so as not to infringe heavily on the privacy of workers. But, it would be useful for seeing if employees are logging onto the network while on PTO or from an unusual location, as those could be signs that an insider breach is in the works.
According to the FBI, personal debts, political motivations, anger at upper management and dozens of other reasons may compel an employee to perpetrate a data leak against their employer. An outside agency or expert won’t have such motivations, and thus is often less likely than an internal hire to lead to a data leak. Still, such consultants are far from a panacea in this arena, as there have been some well-publicized examples of outside hires single-handedly perpetrating or assisting in a breach.
Not all employees need access to all data, and it is perfectly sensible to shield access to the most critical data to only a select few. This level of segmentation can help ensure that most employees are never in a position to cause a major data leak in the first place. Data and network segmentation can be a great way to prevent the vast majority of both intentional and accidental issues from ever cropping up, although it is far from foolproof on both fronts.
“Many employees are given full administration rights without proper accountability. This provides an opportunity to perpetrate an insider attack with a low risk of being detected,” Derek Smith, a Fellow and Adjunct Professor at Excelsior College, wrote in a March 2016 blog post. “Without privileged administration controls, there is no way for security professionals to control this ‘security blind spot.'”