An Inside Job

By Peter Davey

Where do you focus your security? Most businesses have a combination of firewalls, intrusion detection and other systems that are trying to keep the bad guys out. According to the 2010 Verizon Data Breach Report a large majority of data breaches are caused by people already on the inside. 48% occur as a result of employees stealing confidential information. Some do it themselves, but many are in league with organized crime or other outsiders. A look at the recent issues with WikiLeaks and the US government is a great example.

There are also a growing number of incidents where employees unintentionally lose information. Someone may accidentally email a document to the wrong person. An employee may copy confidential files onto a USB drive and lose it. Or perhaps someone left a confidential document at a printer.

According to an IDC report on Insider Risk Management organizations experienced an average of 14.4 reported incidents of unintentional data loss because of employee negligence in the past 12 months. Some were deliberate, but many were accidental. Areas of concern are media loss, unauthorized access to confidential information, deliberate information security policy violations and internal fraud. Whether people are inadvertently violating corporate policy or just being negligent, the result is the same. You are losing sensitive information.

Stolen data can cause public relations, legal, financial and customer problems. Many people think it’s just customer data that goes missing. It’s also your business plans, trade secrets, sales forecasts and other information critical to your business. If you are creating the next generation smart phone or laptop, leaked designs and manufacturing information could be the difference between success and ruin.

Reducing vulnerabilities posed by internal users needs to be a key priority in any organization’s security strategy. First you need to understand what you have and who has access to it. This is a critical first step needed to safeguard your information. Next you can develop and implement plans to mitigate your risk.

Controlling and protecting your most critical information starts with a few simple tips:

  1. Classify high-risk information and determine who has access to it.
  2. Create policies and processes to limit access to authorized personnel.
  3. Deploy technology to implement the policies and processes.
  4. Educate employees on policy changes and train them on new technologies and procedures.
  5. Report on the results and repeat starting with step 1.

Organizations need to focus on insider threats. It’s not enough to have IT focus on security. Everyone needs to have a role in protecting information and identifying security blind spots. Understanding the risks and creating policies and processes are the first order of business. You can then deploy technology to properly protect data throughout its lifecycle (both physically and digitally).


Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>