Many companies think of hacker attacks – such as those involving ransomware, Trojans or malware – as the biggest risk to security. However, network vulnerabilities are not always exploited by outsiders. The company’s own staff may have wide-ranging access permissions and use these to misuse corporate data. Few organisations are as well-equipped with tools and measures to block insider attacks as they are against threats from outside.
The following five tips help companies ensure that they’re effectively protected against data loss and theft by insiders.
1. Implement a range of different access permissions
To protect sensitive data, it’s important to ensure that staff from different departments have only the access permissions they need for their job. That helps firms enforce a “need-to-know” principle. In other words, employees can’t access certain documents or data unless they need them for a specific task or project. Using varying permission levels, companies can set up “Chinese walls” within the company that prevent information being shared between departments. This measure helps to limit the impact of any loss of data.
2. Use highly secure two-factor authentication
It’s a good idea to implement two-factor authentication as a further measure to minimise risk. To access the system, users enter their password first, but also need to enter a PIN that is texted to their mobile device and is only valid for a single session. As a result, insider attackers can’t access sensitive information or data – even if they have stolen other users’ passwords.
3. Shield your information
Operator shielding provides an extra layer of security for data – because IT providers and operators should not have access to your files and documents under any circumstances. And administrators’ access rights should be strictly limited to the information they need for their job.
4. Implement information rights management
You can use information rights management technologies to monitor your sensitive documents and prevent them from being downloaded by unauthorised users. IRM is an effective way to ensure you keep control over your documents, even when users have the necessary permissions to access them. In addition, watermarks can be embedded in them dynamically, helping to prevent users from making screenshots. These measures help to ensure that data stays within a protected environment and doesn’t fall into the hands of third parties or anyone not involved in working on it.
5. Record activities in a tamper-proof history
Logging every activity in a tamper-proof history helps you hinder data theft by insiders and, if an incident does arise, find out exactly what happened after the event. That gives you transparency and traceability throughout the information flow.
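One way to make the activity history in tip 5 resistant to silent changes, shown as an added example (it is not from the original article and not Brainloop's implementation): each log entry carries an HMAC over its content and the previous entry's MAC, so editing, deleting or truncating entries is detectable. The function names, record fields, sample activity, and the assumption that the key and the latest head value are held outside the log store are all choices of this example.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain anchor used as "previous MAC" for the first entry


def _mac(key, prev, record):
    # Canonical JSON so the same record always serialises to the same bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hmac.new(key, (prev + body).encode(), hashlib.sha256).hexdigest()


def append(log, key, user, action, doc, ts):
    """Append an activity record linked to the MAC of the previous entry."""
    prev = log[-1]["mac"] if log else GENESIS
    record = {"ts": ts, "user": user, "action": action, "doc": doc}
    log.append({"record": record, "prev": prev, "mac": _mac(key, prev, record)})


def verify(log, key, expected_head=None):
    """Return (True, None) if intact, else (False, index of first bad entry)."""
    prev = GENESIS
    for i, entry in enumerate(log):
        good = _mac(key, prev, entry["record"])
        if entry["prev"] != prev or not hmac.compare_digest(entry["mac"], good):
            return False, i
        prev = entry["mac"]
    # Removing entries from the end leaves a valid chain, so compare against
    # a head value kept where the log's administrators cannot write
    # (assumption of this example).
    if expected_head is not None and prev != expected_head:
        return False, len(log)
    return True, None


def build_sample_log(key):
    # Constructed sample activity, not real data.
    log = []
    append(log, key, "alice", "view", "board-minutes.pdf", "2024-01-10T09:00:00Z")
    append(log, key, "bob", "download", "board-minutes.pdf", "2024-01-10T09:05:00Z")
    append(log, key, "bob", "share", "board-minutes.pdf", "2024-01-10T09:06:00Z")
    return log
```

The chain only helps if the HMAC key is unavailable to the people whose activity is being logged; anyone holding the key can rewrite history and recompute every MAC.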
Mark Edge, Regional VP of Brainloop, comments on the growing threat of insider attacks:
“Over the last few years, we’ve observed how data loss incidents can increasingly be traced back to insiders. Companies often make it very easy for their staff to access and distribute sensitive data due to insufficient security standards and precautions. Yet the company’s image isn’t the only thing to suffer in cases of data theft. The financial and legal consequences can be considerable and even threaten the firm’s survival. This is why Brainloop recommends that companies implement and comply with the standards described above to minimise their exposure to risk.”