Today’s businesses – regardless of size or industry sector – are more digitally connected than ever before. In an average work day, it’s not uncommon for an employee to log onto online services such as Gmail, DropBox, online banking, shopping and social channels; store sensitive documents on USB drives and cloud storage services; and send confidential files to their nearest printer.

While this type of digital productivity and instant access has its benefits, it also leaves organisations extremely vulnerable to exploitation by malware, inadvertent employee actions and malicious attacks. Data security breaches can lead to a range of consequences – including the large costs for remediating the breach, regulatory fines and potential damages to the target company’s brand. To date, mitigation efforts have traditionally focused on protecting the organisation from external attackers. However, many businesses fail to realise – the threat that is harder to guard against is within.

A survey by the SANS Institute confirmed the insider threat is a key concern for security professionals. But, of the 770 businesses polled, 32 percent had no systems in place to protect against insider attacks, while 44 percent did not know how much they spent on preventing internal threats.

Spotting security incidents from within the firm is particularly difficult because the attacker may have legitimate access to sensitive information. If the credentials being inputted are valid, the same alarms are not raised as when an unauthorised user attempts entry from the outside.

There is a line to be drawn between allowing employees or contractors access to the information they need to get the job done, and implementing an effective lock-down of sensitive data. Getting the balance right is not easy, especially as more companies continue to make their data available to management, employees, vendors and clients on a multitude of online platforms.

Oct-Dec 2015 Issue

Digital Guardian