Data is your business’ most critical asset. Keeping it secure and available are essential to keeping the business running. From Internal threats to external breaches, we encourage all companies to take a good look at their business and determine how secure their data really is.
We’ll first take a look at internal threats. Internal threats often happen from an employee, a contractor or even a vendor who has access to your organization’s sensitive information. Often we even see accidental malicious behavior within organizations from our team members. Unfortunately, this is not uncommon for businesses to experience and while there is no guaranteed way to ensure this is completely avoided, there are preventative measures your business can take. To begin, we’ll break down what exactly an internal threat is, what to be aware of and your security approach.
An internal threat is defined as a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization's information or information systems. Internal threats are very dangerous since internal employees typically have legitimate access to sensitive data, keep friendly relationships with other insiders and know what’s valuable and where to locate it.
Knowing this, how can one prepare to combat accidental malicious behavior? First, we must understand what’s in front of us.
As far as employee behavior to monitor, businesses should watch things like the following:
- Remotely accessing the network while on vacation, sick or at odd times
- Works odd hours without authorization
- Notable enthusiasm for overtime, weekend or unusual work schedules
- Unnecessarily copies material, especially if it is proprietary or classified
- Interest in matters outside of the scope of their duties
- Signs of vulnerability, such as drug or alcohol abuse, financial difficulties, gambling, illegal activities, poor mental health or hostile behavior,
- Warning signs such as the acquisition of unexpected wealth, unusual foreign travel, irregular work hours or unexpected absences
And it doesn’t stop there. Additional behavior to be aware of can include but is certainly not limited to:
- Exporting structured data to unstructured files on work computers
- network shares, or external media
- Attaching files to personal accounts
- Web-based Email
- Storing Company data in personal cloud storage account (Dropbox, etc.)
- Use of USB storage devices
- Printing of critical data in bulk and Installation of unauthorized software on work computers
Now let’s take a look at external security breaches. We have seen phishing attacks more often through two factor authentication, emails and phone (text messaging). Hackers are attempting to obtain two factor authentication codes from their victims by notifying of a password reset or some other type of account security message that requires action. Text messages from unknown numbers and emails from unfamiliar senders are also appearing more often stating the need for credential information or trying to connect with a familiar contact regarding important means.
Businesses should be aware and encourage the following when it comes to external security:
- Stay alert when receiving notification emails and text messages about your accounts
- Only open attachments and documents from trusted sources
- Utilize security keys with Two Factor Authentication
- Be careful when providing your personal information such as your cellphone number to people unless you know exactly who they are
Employee education is a vital factor to lower your security risks. Employers should train their employees to recognize phishing emails and conduct internal training sessions to improve security awareness. Providing effective security practices such as two-factor authentication for access is highly recommended as well. At CHIIPS, we have a collection of best-of-breed security tools to secure access and authentication and keep systems safe from all types of attacks, whether they be internal or external. We take a very proactive approach to security in everything from logging and recording to threat-hunting and AI powered anti-virus. With these tools, top of mind security awareness and reminding employees of your internal policies and procedures are all strong preventative measures that can go a long way.
For further information about understanding security threats, please reach out to us directly at firstname.lastname@example.org and one of our vCIO’s will discuss further with you what to be aware of within your organization.