Keeping Data Safe Starts with Tackling Insider Threats

Data is simultaneously the lifeblood and the crown jewels of any successful business

This also makes proprietary data, intellectual property, and personally identifiable information primary targets for cybercriminals. As organisations strive to collaborate and streamline productivity, they need to embrace tools and processes that enable them to protect data and prevent unauthorised access.

Data is Under Siege

While most people think of external threats like malware when they think of data loss, they are not the only threat. The threat from an organisation’s own employees is often bigger than the threat from external cybercriminals. In fact, half of business decision-makers believe that employees are the single biggest threat to their company’s intellectual property—and for good reason. 

Code42 surveyed more than 1,600 information security professionals and business decision makers for our 2019 Data Exposure Report, and found that 63% overall admitted to taking data from their previous employer to their next company. That helps explain why two-thirds of organisations have been victims of a data breach caused by an insider threat in the last 18 months, despite having data loss prevention solutions in place.

Follow Best Practices to Address Insider Threat

There is nothing you can do to make your network invulnerable or protect your data from every possible breach. However, following established best practices and having the right tools in place can get you pretty close. Here are some steps every organisation should take to protect data and minimise insider threats:

Define Policies

You can’t expect employees to follow guidelines that don’t exist or that they’re not aware of. Define, share and regularly reinforce your protocols around data use and ownership to deter internal risks. Automate acknowledgement of those protocols to ensure that everyone is aware of and acknowledges them. 

Clearly Notify Users

Our 2019 Data Exposure Report found that 72% of IT security leaders agree: “It’s not just corporate data, it’s my work – and my ideas.” Preemptively address this misunderstanding by displaying a standard login banner reminding users they are accessing a private computing facility and that the work they create belongs to the organisation.

Effective User Training

Hold regular training sessions to reinforce the right types of behaviour. For example, educate users about the proper process for gaining permission to take certain authorised data with them when they leave the company, and stress that taking data without following the established process is theft. 

Monitor for Anomalous File Activity

Employees need access to sensitive data to get their jobs done—but you need to be able to detect, investigate and respond when unusual file activity occurs. Implement tools and technology to detect (rather than block) anomalous file movements, and flag when employees abuse their data sharing privileges and the trust that has been placed in them. 

Detect Data Exfiltration

Employees are most likely to exfiltrate critical company data when they quit, so ensure you collect the data they access or download in the same way you would any other asset. Most of that data departing employees steal is taken in the 30 days prior to the employee giving notice.

Keep Data Safe from Insider Threats

Companies need to be able to trust their employees. It’s the ideas and hard work of employees that build companies and make them successful. That’s why organisations should create data security programmes that allow employees to work collaboratively across platforms and locations but that also verifies that those employees are handling data properly. Training, education and transparency are all critical parts of a successful data loss protection programme, as is a tool that detects, investigates and responds to cases where employees put data at risk. 

About the Author

Richard Agnew is VP EMEA, Code42 and a veteran of the UK IT industry having served in management roles at EMC, NetApp and Veeam. For Code42, Richard is responsible for growing EMEA and emulating the success of Code42 seen in North America.

Featured image: ©SeventyFour