Breaking Bad: Is Your Business At Risk From Insider Threats?

Does Bill from accounting really need access to the server on which all your company’s proprietary blueprints are stored?

Photo:  Jamie Madison, Source: Courtesy Photo — Photo:  Jamie Madison, Marketing Director at Steadfast; Source: Courtesy Photo

What happens when good employees “break bad” and raise cain or challenge the very existence of your livelihood … even unknowingly?

Left to their own devices, research suggests 61% of employees will misuse enterprise files by sending unencrypted emails, failing to delete confidential files, or forwarding data to unauthorized recipients. Data loss is anticipated to far exceed data theft in years to come.

Better yet, those same employees are increasingly using third-party file sharing apps, none of which can be considered secure from a business perspective.

They aren’t malicious. They’re simply looking for a way to optimize workflow and a means of better collaboration. And yet they can cause just as much damage to your business as a skilled cybercriminal.

Consider the access your team has now to business critical data and information. Now imagine what an employee could do if they became disgruntled in any way and got it in their head to stick it to you.

“There are plenty of reasons to assume that most cyberattacks are the work of far-off bad guys with a political axe to grind or a head for fame and fortune,” writes IBM Threat Research Practice Leader Nick Bradley. “What’s not discussed is that 55 percent of all attacks are carried out by malicious insiders or inadvertent actors, also known as insider threats.”

According to IBM’s 2015 Security Intelligence Index, that 55% is a pretty even split between inadvertent actors and bad actors — 31.5% of attackers in a data breach are a malicious insider.  In other words, they’re people you’re predisposed to trust.

Worse still, they represent one of the fastest-growing threats in business — especially the enterprise market.

It’s imperative that you understand just how much trouble an insider can cause for your business — and that you understand how to mitigate that trouble.

Let’s dig deeper into that second part.

Here comes trouble

What can you do if an employee gets it in their head to mess with your business? What steps can you take to prevent them from causing too much damage?

1. Dedicate yourself to employee satisfaction

Although some malicious insiders are motivated purely by financial gain, there are plenty who are simply acting out because they’re disgruntled. They aren’t happy with the way their job’s going, so they lash out. Keep a close eye on your company culture. Do people seem happy to work at your company, or is the atmosphere so toxic it’s a wonder anyone can breathe?   Don’t underestimate how valuable simple management techniques like fairness, consistency, openness to new ideas, and empowerment can be to your business. Not only will everyone be more productive, there’ll be a much lower chance that someone will decide they want to make your organization pay.

2. Protect critical files

Especially now that most company data is being shared across more devices (and in the cloud) than one can count, it’s important that you have some form of document control solution in place. You need to make sure that you can easily control and rescind access to mission-critical files. Deprovisioning access to critical business files, even after they’ve left your office, is a powerful tool that stops data loss, heads off insider threats and boosts security and compliance across any business.

3. Regularly audit your systems for vulnerabilities

A few years back, I helped manage a database server for a small business. It wasn’t the best-organized gig in the world, I’m sorry to report – for the longest time, there was a glaring security hole in our firewall that would allow access to anyone who knew about it. Our security team was repeatedly made aware of the vulnerability, yet they consistently failed to patch it…  Until one disgruntled IT professional used it to give access to a criminal outsider that proceeded to delete every byte of information, backups included.  The lesson here? Security audits are your friend. And if you find a vulnerability, don’t let it go unpatched – mitigate it as soon as humanly possible.

4. Control access

Does Bill from accounting really need access to the server on which all your company’s proprietary blueprints are stored? Does Jessica from HR really need to be able to download employee financial information on a whim? Consider who has access to each piece of critical data, and ask yourself if they need that access to do their job.   And if someone leaves your organization, either by being fired or quitting? Rescind their access immediately.

Are you overlooking insider threats?

Ignorance isn’t the only insider threat your business needs to deal with. Malicious insiders can cause just as much damage as a well-meaning rube – sometimes more. It falls to you to make yourself aware of this threat, and take the necessary steps to mitigate it.

This article has been edited and condensed.

 Jamie Madison is the Marketing Director at Steadfast, a leading IT Data Center Service company. Steadfast specializes in highly flexible cloud environments, robust dedicated and colocation hosting, and disaster recovery. Connect with @steadfastnet on Twitter.

© YFS Magazine. All Rights Reserved. Copying prohibited. All material is protected by U.S. and international copyright laws. Unauthorized reproduction or distribution of this material is prohibited. Sharing of this material under Attribution-NonCommercial-NoDerivatives 4.0 International terms, listed here, is permitted.