Negligent Employee: A dangerous internal cyber threat

As organizations cope with the changing world of cybersecurity which continues to evolve at a frantic pace, they sometimes forget to neglect the danger that stares at them in their face.

Seqrite May 17th 2018 A-A+

Sometimes, the biggest dangers come from within. As organizations cope with the changing world of cybersecurity which continues to evolve at a frantic pace, they sometimes forget to neglect the danger that stares at them in their face. The human element can be often the most susceptible element of a cyber attack – and for many businesses, it is their employees who can pose the greatest risk.

Insider threats, by their very name, originate from within the company. Whether it is employees or former employees, anyone internally associated with the enterprise causing harm to the company’s private and confidential information through malicious intent, negligence or accident is classified as an insider threat.

According to one report, insider threats could account for nearly 75 percent of security breaches. If you look at the issue more closely, you can understand why an enterprise could be at so much risk. While standard cybersecurity solutions will install a strong perimeter of defence around your enterprise’s secure data, internal stakeholders can access the data with just a few clicks. Hence the potential for damage, whether inadvertent or deliberate, is maximized. Organizational security is at its weakest within the network than outside the perimeter.

Insider threats are defined in three types:

Accidental mistakes: These can occur due to genuine human errors on part of an employee. It can refer to not properly recognizing a phishing mail and delivering personal data, clicking on suspicious links, downloading an infected attachment, access sites with malware loaded on them, etc.
Negligence: These can arise due to circumvention of security policies by employees without any malicious intent. This can involve activity like sharing data on unsecured networks, transferring confidential data on removable devices, providing easy-to-crack passwords and others.
Malicious Insider: These occur when employees breach security policy intentionally and out of malicious intent. This can involve disgruntled employees or former employees who want to cause harm to the organization.
But it’s not rocket science to deal with insider threats. A combination of proper policies and awareness training goes a long way in mitigating the risks. Some of the ways enterprises can deal with insider threats are:

  • Implement Access Controls:- The key to creating a proper access control policy is simple – the more confidential and more proprietary the data, the less people should be able to access it. There should be clear guidelines about the importance of the data in question, its importance, the number of people that can access it and the procedure to access it.
  • Monitoring File Activity:- There must be a system in place to monitor activity around confidential and important files for network administrators. Any suspected anomaly must be immediately flagged and escalated for further action. Seqrite’s Endpoint Security (EPS) solution provides such a file activity monitor which can be useful.
  • Mobile Device Management (MDM):- In an age where cell phones are omnipresent, organizations are waking up to the fact that their employees conduct a huge portion of their work on their personal or company-provided cell phones. While providing cybersecurity measures for traditional laptop/computer based models is important, one cannot neglect implementing some sort of Mobile Device Management (MDM) solution, like say Seqrite’s Mobile Device Management which allows enterprises to grant their employees the privilege of mobile productivity without boundaries.
  • Data Loss Prevention (DLP):- A Data Loss Prevention (DLP) solution helps prevent data loss by monitoring confidential and user-defined data shared through removable drives, networks or various applications.

Ultimately, it is incumbent on enterprises to implement strong security solutions which do the job, both externally and internally. Seqrite’s Endpoint Security (EPS) is a good option in that respect – with features like DLP, Advanced Device Control and Asset Management, it protects an enterprise from today’s advanced threats.