Protecting Your Business From Insider Threats

Insider threats are an ever growing epidemic in today’s work environment. Most companies are not immune to them and in many ways ill prepared to handle threats that occur from inside the perimeter. As industry experts, we have heard all too often from clients that they have already had an employee leave with company confidential data and they want to make sure this does not happen again and seek to implement software to protect them. It is great that they identified there is need to have deeper security measures in place, but why are so many companies reactive as opposed to proactive?

It has been reported by SmallBusiness.com that nearly 80% of SMB’s have no digital response plan. The survey goes on to suggest that 63% of the companies surveyed admit that they have been victims of at least one attack. Let’s think about that for a minute, 80% have no plan… why? Either companies must think that their employees are not capable of stealing data or management believes they already have tools in place to protect them. Then take a look at the other stat, 63% admit to having been subject to at least one attack. It reads like most don’t think they need a response plan and because of that, they have been attacked.

Data theft and attacks can come from many different sources, externally by hackers, computer virus, phishing schemes, and so on. This is somewhat protected by firewalls, anti-virus, and anti-malware applications. What most companies fail to see is that these trusted tools only protect against the threats outside the perimeter trying to get inside.

While attacks from the outside occur and need protection, it does not mean that organizations are protected from insider threats. It also means that the implemented tools to protect from external attacks will help companies defend against an internal threat. It’s like trying to force a square peg in to a round hole…  It is critical that companies take proper precautions to protect their digital assets from both internal and external threats.

Below are a few suggestions to protect against internal threats;

• Implement a Data Security Response Plan
  • This could be as simple as an Acceptable Use Policy that include actions and consequences with respect to confidential data, how to properly manage Intellectual Property, and who ultimately owns the data.
• Deploy Data Loss Prevention Software
  • Blocking file types from being transmitted via email, webmail, and USB will significantly reduce the ability to commit data theft, but be advised, it will not stop everything
• Use Employee Monitoring Software
  • The use of this software will bridge the gaps you have with data protection by recording everything that is being done on the Internet and computer. DLP will do a great job preventing some data from being leaked, but certainly not all. Employee monitoring software coupled with DLP software provide a stronger perimeter than traditional external tools like Anti-Virus, Anti Malware, and Firewalls, etc..
• Automate The Process
  • It is one thing to implement a plan and deploy tools designed to eliminate insider threats, but let’s face it, there is a mountain of data to sift through and you likely do not have the time to look at every data point. Automate the data points that will trigger an alert to you or a team of people when a suspected insider threat may be looming.
• Set Up User Behavior Analytics
  • Visualize standard user activity benchmarks, such as number of emails sent/received, number of websites visited, number of IM/Chat conversations, number of files accessed or modified, etc. Let’s say that the average employee in the office sends 5 excel documents via email each day. User behavior analytics can allow you to create reports and receive notifications when current behavior deviates from the benchmark.

Employers today need to recognize that employees represent their greatest competitive asset, and thus their greatest potential threat. With a business climate that recognizes that employees have access and knowledge of critical data, companies need to find solutions that mitigate the greatest threat to organizations, one being the insider.

InterGuard eliminates insider threats and protects company confidential data by recording/blocking all activity on PC’s and Mac’s on or off the network along with automated reports and alerts sent via email. And with our Data Loss Prevention software, you will be able to view and block sensitive data from leaving via email, web forms and removable media as well as data saved on local drives (even remote laptops). In most businesses, human capital is your most significant cost. While PCs can increase staff productivity, they can also leave companies vulnerable to insider threats which can bring business to its knees. Worse than an actual insider threat is not knowing the “who, what, where and when. By recording all PC activity, both on or off network, InterGuard helps you maximize employee productivity by ensuring that your resources are focused on work. With ROI in excess of 3000%, you can stay ahead of the competition and eliminate insider threats!