Skip to main content
search
0
Tag

cybersecurity

Nov 14

Insider Threats Are Getting More Dangerous! Here’s How to Stop Them

By Cybersecurity No Comments

One of the most difficult types of attacks to detect are those performed by insiders. An “insider” would be anyone that has legitimate access to your company network and data. This would be via a login or other authorized connection.

Because insiders have authorized system access, they bypass certain security defenses. Such as those designed to keep intruders out. Since a logged-in user isn’t seen as an intruder, those security protections aren’t triggered.

There are three troubling statistics from a recent report by Ponemon Institute They illustrate the importance of addressing this threat. Insider attacks are getting worse, taking longer to detect and becoming more extensive. The report found that over the last two years:

  • Insider attacks have increased by 44%
  • It takes organizations 85 days to contain an insider threat, compared to 77 days in 2020.
  • The average cost of addressing insider threats has risen by 34%

It’s important for companies to understand what makes up an insider threat. That’s the first step towards mitigation.

4 Types of Insider Threats

One reason that insider threats can be hard to detect is that there is not just one kind. Employees, vendors, and hackers can all perpetrate insider security breaches. To further complicate detection, some may be malicious and others accidental.

Here are the four main types of insider threats faced by company networks.

Insider Threats Are Getting More Dangerous! Here's How to Stop Them
[Unsplash]

Malicious/Disgruntled Employee

A sales employee that is leaving the company may decide to take all their contacts with them. This is a malicious theft of company data.

Another example of this type of insider attack is a disgruntled employee. They may be upset with their manager who just fired them and decide to do the business harm. They could plant ransomware or make a deal with a hacker to give over their login credentials for cash.

Careless/Negligent Employee

Some insider threats are due to lazy or untrained employees. They don’t mean to cause a data breach. But may accidentally share classified data on a nonsecure platform. Or they may use a friend’s computer to access their business apps. Being completely unaware of the security consequences.

3rd Party with Access to Your Systems

Outsiders with access to your network are also a very real concern. Contractors, freelancers, and vendors can all constitute an insider breach risk.

You need to ensure that these third parties are fully reviewed. Do this before you give them system access. You should also allow your IT partner to review them for any data security concerns.

Insider Threats Are Getting More Dangerous! Here's How to Stop Them
[Unsplash]

Hacker That Compromises a Password

Compromised login credentials are one of the most dangerous types of insider threats.

This has now become the #1 driver of data breaches around the world.

When a cybercriminal can access an employee’s login, that criminal becomes an “insider.” Your computer system reads them as legitimate user.

Ways to Mitigate Insider Threats

Insider threats can be difficult to detect after the fact. But if you put mitigation measures in place you can stop them in their tracks. Being proactive keeps you from suffering a costly incident. One that you may not know about for months.

Here are some of the best tactics for reducing insider threat risk.

Insider Threats Are Getting More Dangerous! Here's How to Stop Them
[Unsplash]

Thorough Background Checks

When hiring new employees make sure you do a thorough background check. Malicious insiders will typically have red flags in their work history. You want to do the same with any vendors or contractors that will have access to your systems.

Insider Threats Are Getting More Dangerous! Here's How to Stop Them
[Unsplash]

Endpoint Device Solutions

Mobile devices now make up about 60% of the endpoints in a company. But many businesses aren’t using a solution to manage device access to resources.

Put an endpoint management solution in place to monitor device access. You can also use this to safelist devices and block unauthorized devices by default

Multi-factor Authentication & Password Security

One of the best ways to fight credential theft is through multi-factor authentication. Hackers have a hard time getting past the 2nd factor. They rarely have access to a person’s mobile device or FIDO security key.

Insider Threats Are Getting More Dangerous! Here's How to Stop Them
[Unsplash]

Couple this with password security. This includes things like:

  • Requiring strong passwords in your cloud apps
  • Using a business password manager
  • Requiring unique passwords for all logins

Employee Data Security Training

Training can help you mitigate the risk of a breach through carelessness. Train employees on proper data handling and security policies governing sensitive information.

Network Monitoring

Once someone has user access to your system, how can you catch them doing something wrong? You do this through intelligent network monitoring.

Use AI-enabled threat monitoring. This allows you to detect strange behaviors as soon as they happen. For example, someone downloading a large number of files. Or someone logging in from outside the country.

Need Help Putting a Stop to Insider Attacks?

A layered security solution can help you mitigate all four types of insider threats. We can help you with a robust yet affordable solution. Contact us today for a free consultation.

Nov 04

Checklist For Better Digital Offboarding Of Employees

By Cybersecurity No Comments

The departure of an employee leaves behind a trail that can be used by hackers to steal company data. In order for businesses to protect themselves, Digital Offboarding must happen before they leave the workplace so as not give up any advantages over potential competitors or informers within your organization who may have had access while working there.

When an employee leaves a company, there is a process that needs to happen. This is the process of “decoupling” the employee from the company’s technology assets. This digital offboarding is vital to cybersecurity.

Checklist For Better Digital Offboarding Of Employees
[Pixabay]

It is crucial to secure your company’s data. 20% of surveyed businesses have experienced a breach from former employees and it can have serious consequences for you as well!

The digital offboarding process is a critical step in reducing risk for former staff members. This checklist will help you cover all your bases and protect company data from potential hackers.

Your Digital Offboarding Checklist

Knowledge Transfer

Vast corporate knowledge can disappear when a person leaves an organization. It’s important to capture this during a digital offboarding process. 

Checklist For Better Digital Offboarding Of Employees

[Pixabay]

This could be something as simple as what social media app someone used for company posts. Or it may be productivity leveraging. Such as the best way to enter the sales data into the CRM.

You must make sure to do a knowledge download with an employee during the exit interview. Better yet, have all staff regularly document procedures and workflows. This makes the knowledge available if the employee is ever not there to perform those tasks. 

Address Social Media Connections to the Company

It may be time to address any social media connections of the former employee. Was their personal Facebook account used in connection with your company’s page? Do they post on LinkedIn too, or other sites where you have an official presence as a business figure?

Identify All Apps & Logins the Person Has Been Using for Work

In today’s world of Bring Your Own Device (BYOD), there are many ways employees can use their own devices for work purposes. As you might expect, this opens up new security risks that must be mitigated before they become problems.

If you don’t already have a list of all the apps and website logins that an employee uses for work, make sure your HR or IT department document these. You may also want to explore ways in which these can be addressed – either by changing their login credentials on certain applications if it’s necessary (or) exporting data from them before closing them down completely so no more information gets lost than necessary.

Checklist For Better Digital Offboarding Of Employees

[Unsplash]

Change Email Password

When an employee leaves, their account should be closed and the password changed. This will prevent them from accessing company information or emailing as a former representative of your business —which could cause major problems if they have access to customer data.

Change Employee Passwords for Cloud Business Apps

The best way to protect your company data is by changing all other app passwords. People often access business apps on personal devices, so just because they can’t log in anymore doesn’t mean you should let them remain active with old accounts.

In order to simplify the process of changing passwords, you can use a single sign-on solution. This will lock them out regardless if they’re using an app or browser on their phone – just one click and it’s all done!

Checklist For Better Digital Offboarding Of Employees

[Unsplash]

Recover Any Company Devices

Make sure you recover any company-owned devices from the employee’s home. Remote employees are often issued equipment to use, so it is important for a manager or IT team member assigned as their “contact person” in order manage these items properly when they leave your company.

Do this as soon as possible to avoid loss of the equipment. Once people no longer work for a company, they may sell, give away, or trash devices.

Recover Data on Employee Personal Devices

When companies offer Bring Your Own Device (BYOD) policies, they save money by cutting down on expensive hardware costs. The downside is that it can be more difficult to offboard these devices.

Companies need to make sure that all company data is backed up on any device they use. If you don’t already have a backup policy in place, now would be an excellent time create one!

Transfer Data Ownership & Close Employee Accounts

Closing old employee cloud accounts is a great way to save money and keep your company safe. Imagine if you had left that unused account open for six months before realizing something was wrong? The criminal could’ve hacked into their data as soon as they gained access, stealing all sorts of information about clients or even committing crimes with it.

Checklist For Better Digital Offboarding Of Employees

[Unsplash]

Revoke Access by Employee’s Devices to Your Apps and Network

By using an endpoint device management system, you can easily revoke any employee’s devices from a list of approved devices. Remove the former employee’s device from any approved device list in your system.

Change Any Building Digital Passcodes

Be sure to change any physical access codes for the building, such as digital gate or door passcodes so the person can no longer gain access.

Need Help Reducing Offboarding Security Risk?

The process of addressing digital offboarding becomes easier and less risky when you take proactive measures. Contact us today for a free consultation to enhance your cybersecurity.

Close Menu