The best cyber security protocols can be undone by human actions. An employee compromising their work credentials can open the door for cyber criminals to get into the company network. In a recent survey, over two-thirds of organizations said they feel “moderately to extremely vulnerable to insider attacks”. As workforces in Mississauga have become remote en masse in light of COVID-19, this insider threat has grown exponentially.
A very public example of insider threat: Twitter hack 2020
The hack in July 2020 – which saw dozens of Twitter accounts belonging to some of the world’s wealthiest and most powerful people taken over by hackers – shows how destructive insider threats can be. Investigators found that a Twitter employee had been targeted by ‘spear phishing’, a trick used to coerce individuals into handing over sensitive information. Phone-based spear phishing, or ‘vishing’, involves cyber criminals duping targets over the phone.
Insider threats, whether intentional or unintentional, can have very significant data privacy, financial and operational impacts. It’s why our IT professional services team works with businesses of all sizes to better protect their data from human threats and weakness within their own organization.
Cyber security best practices to counter insider threats
- Assess risk – An organization-wide assessment of critical assets, information security, access control and threat management is the starting point for defending against internal and external risks.
- Administrator privileges – Creating an information hierarchy and distributing privileged access. Codifying and implementing a strict access control policy.
- Guest privileges – Curtailed read-only access for vendors and third-party service providers.
- Credential management – Two-factor password management, sign-in location tracking and monitoring suspicious attempted sign-ins. Strict password management policies and self-expiring passwords.
- Employee training – Regular cyber security awareness training on new and emerging threats. Teach employees to identify socially engineered attacks and device security best practices. Mock drills to test preparedness.
- Validation process – Multiple-level human authentication for sensitive and financial information. Process must not ‘penalize’ employees for vigilance.
- Monitor activity – Monitor employees’ activity and flag suspicious actions. Unexpected sign-ins, information access, data copying and other suspicious activity must be monitored.
- Detecting malware – Real-time monitoring of resource usage and network traffic to detect malware. Rapid compartmentalization of affected systems and removal of malware.
- Restricting access – Removal of access for employees who have been let go, to reduce the risk of data loss and tampering with systems. Sanitization of devices once returned.
- Data backup – Cloud backup solutions for business and document version control to ensure accountability and operational continuity in the event of data loss.
- Layered defence – Policies to establish layered defence against remote threats. Information access ‘checkpoints’ make it harder for hackers to breach systems fully in one go.
- Regular assessment – Periodic assessment of the operational framework to identify weaknesses and streamline security practices.
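
As an added illustration (not part of the original article), the sketch below shows how three of the practices above (sign-in location tracking, monitoring suspicious attempted sign-ins, and removal of access for departed employees) can be expressed as checks over a sign-in log. The log format, user names, country baseline and the three-failures-in-ten-minutes threshold are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample data (not from any real system).
BASELINE = {"alice": {"CA"}, "bob": {"CA", "US"}, "carol": {"CA"}}
OFFBOARDED = {"carol": datetime(2020, 7, 10, 17, 0)}  # access should end here
EVENTS = [  # (timestamp, user, country, success)
    ("2020-07-15 09:00", "alice", "CA", True),
    ("2020-07-15 09:05", "bob", "CA", False),
    ("2020-07-15 09:06", "bob", "CA", False),
    ("2020-07-15 09:07", "bob", "CA", False),
    ("2020-07-15 09:30", "alice", "RO", True),
    ("2020-07-15 10:00", "carol", "CA", True),
    ("2020-07-15 13:00", "bob", "US", True),
]

def flag_signins(events, baseline, offboarded, max_failures=3,
                 window=timedelta(minutes=10)):
    """Return [(timestamp, user, [reasons])] for sign-ins worth reviewing."""
    recent_failures = defaultdict(deque)  # user -> times of recent failures
    flagged = []
    for ts_text, user, country, success in events:
        ts = datetime.strptime(ts_text, "%Y-%m-%d %H:%M")
        reasons = []
        # Restricting access: any attempt after the leave date is a finding.
        if user in offboarded and ts >= offboarded[user]:
            reasons.append("offboarded-account")
        # Location tracking: country never seen for this user before.
        if country not in baseline.get(user, set()):
            reasons.append("new-location")
        # Suspicious attempts: burst of failures inside the sliding window.
        if not success:
            fails = recent_failures[user]
            fails.append(ts)
            while ts - fails[0] > window:
                fails.popleft()
            if len(fails) >= max_failures:
                reasons.append("repeated-failures")
        if reasons:
            flagged.append((ts_text, user, reasons))
    return flagged

if __name__ == "__main__":
    for finding in flag_signins(EVENTS, BASELINE, OFFBOARDED):
        print(finding)
```

A sign-in can carry more than one reason, which helps prioritize review: an attempt on a departed employee's account from a new location deserves attention before a single failed password.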
Cloud backup solutions for business are some of the best ways to protect against data loss – intentional, unintentional, or accidental.
Personalized IT professional services in Mississauga
Securing against insider threats requires a subtle approach. An IT professional services provider must balance security protocol and compliance to minimize operational disruption. Speak to a NUMENTIS representative to understand how you can protect your business from insider threats.