Last week, the FBI issued a cyber security warning, stating there’s been an increase in data breaches caused by disgruntled employees on or around the time they left their employer. Employees were using their access to company data to…
- Make fraudulent purchases using company or customer data.
- Delete important data.
- Steal software.
- Steal business IP they could use at their next job.
Insider data breaches don't get the same attention on the news as cyber attacks caused by hackers, but inside attacks are a real threat. And the threat is growing.
The FBI warns that increased use of cloud computing means that employees are now better able to steal, delete, or manipulate a company's data. Simply put, an insider data breach is easier to pull off now than it ever was before.
As an IT consultant, you need to adapt to the changing threat landscape, adopting new strategies to counter shifts in cyber threats. Let's review the strategies you need to know to prevent insider data breaches.
6 Ways to Prevent Insider Data Breaches and Theft
Did you know that 35 percent of insider data breaches took longer than a week to discover? In fact, according to Verizon's 2014 Data Breach Investigation Report, 11 percent of insider attacks took over a month for IT consultants to find.
Given that data breaches can be hard to spot "in the wild," you have to take a proactive approach to preventing them. As you review your data security strategies, keep in mind these six ways to prevent insider breaches:
- Watch data around the time of employee departure. Many insider data breaches happen in the days before or after an employee leaves a company. Make sure you check data logs from the months leading up to an employee's departure. The sooner you catch a data exfiltration, the better.
- Close employee accounts when they leave. Given the way companies shift, it can be easy to forget that an employee has access to an area of IT they no longer work on. Any old accounts are liabilities. When an employee leaves the company, make sure all their accounts are closed and change passwords to any SaaS or cloud-based service they had access to.
- Make employees change their passwords from time to time. This strategy makes it harder for one employee to steal another's password. Because many default passwords aren't ever changed, also make sure employees set their own password when they first start working. If they don't, a malicious employee might be able to guess the default password and break into the company's account after leaving.
- Invest in data loss prevention software that will alert you to data exfiltration. Better data security software will flag data exfiltration. If a former employee tries to download certain types of data (whether it's to a thumb drive, FTP server, or their personal device), security software can alert you. This can help you catch these attacks when they happen.
- Gently let employees know that someone is watching. Let's face it, you don't want to creep out a client's employees and tell them that someone is watching them in case they do something illegal. But you also want to let the employees know that security measures are in place. Find a gentle way to do this. Maybe mention in an employee handbook that the company's security software can track exfiltration attempts and regularly screens for suspicious behavior.
- Know what facilitates insider data breaches. Almost 90 percent of insider data breaches are caused when a user misuses their data privileges. While there's little you can do about an individual who has network privileges and is determined to cause harm, it's helpful to keep in mind who has access to data. Generally speaking, IT managers should try to keep accounts with administrative access to a minimum.
Why should you be so concerned about a client's disgruntled employee? When a client is hacked, they can sue your business and claim that you should have put better security measures in place to prevent an insider data breach. From an IT liability perspective, it doesn't matter where the attack comes from –you're liable for a client's data security.
To learn more about covering your data breach liability, read about Errors and Omissions Insurance for IT companies.
