With ransomware, trojans and malware in the news, companies often think hackers are the biggest security risk. But it’s not always external attackers who exploit vulnerabilities in the company network. Your own staff may be able to use their extensive access permissions for data misuse – and without much effort. It’s rare for organisations to be as well equipped with tools to prevent internal attacks compared to those coming from outside.
Here are five tips to help you protect your company effectively against data losses caused by internal perpetrators.

1. Introduce differentiated access rights

To protect your sensitive data, you can grant staff from different departments the appropriate access rights for their work. In doing so, you’re achieving the goal of the need-to-know principle. In other words, your employees don’t get access to documents and data sets unless they need it specifically for a task. You can use different security levels to set up what’s known as “Chinese walls” within the company. These prevent data being shared between various departments and will limit the extent of any data loss.

2. Use high-security two-factor authentication

To keep the risk level as low as possible, you would be well advised to use authentication in two steps as a second protection measure. For example, users aren’t only asked to enter their password, but also the security code from the Authenticator app on their smartphone. The code is only valid for a single session. So even if an internal perpetrator steals a password, they can’t get access to sensitive information and data.

3. Shield your information

Another way to protect your data is with shielding. System and service providers should never have access to your files and documents. And shielding also lets you limit the access rights of your administrators to the information relevant to their job.

4. Implement Information Rights Management

Information Rights Management technologies enable you to monitor sensitive documents and protect them against unauthorised downloading. IRM gives you effective control over documents, even when users are authorised to access them. In addition, dynamically-embedded watermarks prevent screenshots too. That way, your data stays in its protected environment and can’t fall into the wrong hands or be accessed by unauthorised users.

5. Use a tamper-proof history log

It’s a good idea to log all activities in a tamper-proof history to prevent data theft by insiders – or uncover who did what after a theft. That gives you end-to-end visibility and traceability in your information flows.


Information Security


This could also be of interest:

IP management: protect your trade secrets and intellectual property

Data theft, hacker attacks, viruses and trojans – cyber-attacks have been increasing for years now and have become a familiar phenomenon in our society. But…

Cryptic messages: an ABC of encryption

There have always been secrets. And people have been trying to protect their intellectual property from prying eyes for almost as long. For example, the…

All about Information Security Management System @ Brainloop

Information security is paramount to our reputation and that of our customers. Brainloop’s collaboration platform is built in line with the highest data privacy standards,…

Newsletter

Locations

Brainloop Aktiengesellschaft
Muehldorfstrasse 8a
81671 Munich
Germany
+49 89 444 699-0