Prevent Insiders from Breaching Your Data
Companies like Yahoo, eBay and Equifax all learned the hard way that protecting your data from hackers is of the utmost importance. I mean, a data leak can ruin your company’s reputation forever. But did you know that you might have a bigger problem than outsider threats? And what if that threat was actually coming from the inside? Is your company ready for that?
Here’s some food for thought: 8 out of 10 breaches require the assistance — intentionally or unintentionally — of internal users!
To turn a blind eye to the problem of insider threats would be a big mistake. It’s time to take the bull by the horns, face the problem, and take the appropriate measures to protect your privileged accounts from any kind of attack.
The Reasons Behind an Insider Breach
Here are some of the ways insider leaks most commonly happen:
- The Accidental Leaker: These are users who fall victim to a phony “phishing” email, text, IM or social media message. Many of these campaigns are designed to deploy advanced persistent threats (APT), which means that nobody knows that devices/networks have been breached for quite a while. According to research conducted by the Ponemon Institute, it takes organizations an average of 6 months to detect a breach — and many take over a year, as was the case with the notorious Sony breach.
- The Compromised Insider: These are users whose identity and/or devices have been compromised by hackers. While all users are at risk of this, sysadmins, network engineers, database administrators, and other privileged users have a big (virtual) target on their backs at all times.
- The Disgruntled Employee: These are users who are mad at their employer (or certain colleagues) and try to exact revenge. Often, these unhappy users work behind the scenes so they can wreak havoc and cause misery.
- The Double-Agent: These are users who act happy and compliant, but behind the scenes they’re stealing data for profit. And if that’s not scary enough, the courts are starting to hold employers “vicariously liable” for the financial damage caused by rogue employees.
Read the entire article here, Prevent Insiders from Breaching Your Data
Via the fine folks at Devolutions