BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

How CEOs Can Protect Their Organization From the Inside-out

Posted June 22, 2012    Peter McCalister

Enterprise security is a topic that makes headlines every day. From successful hack attacks to stories of unsuspecting or malicious employees putting their company’s data at risk, it would seem that no company is immune. In order to truly secure the companies we are responsible for, it’s helpful to put ourselves in the frame of mind of our employees to give us a leg-up on how to protect our organizations from the inside-out.

According to a recent report by the Ponemon Institute titled, The Human Factor in Data Protection, employee negligence or maliciousness is the root cause of many data breaches, with more than 78 percent of respondents blaming employees for at least one data breach within their organizations over the past two years.

Looking at 2011 alone, we saw countless government and financial institutions sabotaged from the inside-out. Let’s start with perhaps the most high-profile case of all – WikiLeaks. The national security risks this posed were immeasurable, not to mention the financial resources it cost the government to respond and react to the information disclosed.

Or what about Computershare? Just days after chairman and founder, Chris Morris, said first-half earnings per share would be down 15 percent, news leaked of an alleged rogue insider at the company. A former employee, (ironically a risk management auditor for the firm) had pilfered thousands of pages of company documents after illegally siphoning them onto a USB drive and then reportedly losing it. And even more recently, solar company SunPower, made news for suing five former employees and Bay Area rival SolarCity, alleging the former employees stole “tens of thousands” of highly sensitive computer files before going to work for the competition.

What these incidents clearly illustrate is that trusted insiders can pose great threats to organizations, but little is being done to mitigate these risks. Insider threats are becoming more prevalent because of the mobility of the workforce, proliferation or mobile data-bearing devices, consumerization of IT and the use of social media in the workplace. “Trusted” employees, partners and vendors operating from inside the perimeters of our organizations can do more damage, faster, than any hacker ever could. It would serve us all well to recognize a few key risky practices employees routinely engage in that have the potential to get us on the front page of the New York Times – but not for the reason we want.

First is password management. Reusing the same password and username for multiple account logins poses a greater risk of compromise, as does the sharing of passwords with others. It’s not uncommon for outside hackers to manipulate employees into sharing password information, sometimes even going so far as to pose as a colleague, and then using that information to launch their attack.

Next are employees that don’t delete information from their computers when it’s no longer necessary to save. This becomes especially dangerous if said employee travels regularly, as lost and stolen laptops are one of the biggest risks organizations face in the fight against accidental insider threats.

And of course we can’t forget the BYOD trend of employees wanting to connect their personally owned devices to corporate networks. Whether it’s a personal cell phone or tablet, or something as simple as a generic USB drive that isn’t safeguarded, these outside devices open gaping holes in any security infrastructure. Just ask Computershare how that played out.

Is there a silver bullet to protect from these human tendencies? Unfortunately, no. However, better managed privileges, along with the judicious use of IT vulnerability management reduces not only the likelihood of attacks, but also just how far the ripple effects of attacks can travel through your organization.

The bottom line is insiders pose threats to what we choose not to defend – or fix. In order to prevent 2012 from becoming another year where insider threats are making headlines on a daily basis we as CEOs need to think like an insider, examining our corporate networks for holes where an attacker or a disgruntled employee could take advantage or a mistake could be made. At the intersection of people, processes and technology that makes up the engine of modern business, it’s human nature that is the weakest link.

Leave a Reply

Additional articles

CyberResiliency

6 things I like about Gartner’s Cyber Resiliency Strategy

Posted August 27, 2015    Nigel Hedges

There were 6 key principles, or recommendations, that Gartner suggested were important drivers towards a great cyber resiliency posture. I commented more than once during the conference that many of these things were not new. They are all important recommendations that are best when placed together and given to senior management and the board – a critical element of organisations that desperately need to “get it”.

Tags:
,
powerbroker-difference-1

Why Customers Choose PowerBroker: Flexible Deployment Options

Posted August 26, 2015    Scott Lang

BeyondTrust commissioned a study of our customer base in early 2015 to determine how we are different from other alternatives in the market. What we learned was that there were six key differentiators that separate BeyondTrust from other solution providers in the market. We call it the PowerBroker difference,

Tags:
, ,
Mac-Security-Enterprise

On Demand Webinar: Security Risk of Mac OS X in the Enterprise

Posted August 20, 2015    BeyondTrust Software

In the last several years, Mac administrators have come to realize that they may be just as vulnerable to exploits and malware as most other operating systems. New malware and adware is released all the time, and there have been serious vulnerabilities patched by Apple in the past several years, some of which may afford attackers full control of your systems.

Tags:
, ,