The Security Threat from Within – Espion recommends measures to combat insider theft
Email is the most used method to steal information from corporations by employees, according to Ireland’s leading computer forensics and information security company Espion.
The old-fashioned hard copy printouts are the second most popular method used to steal information from employers. Mobile devices, such as USB memory sticks and data CDs, are not as commonly used, accounting for less than 10% of the cases where data has been stolen from an organisation.
“As employees become concerned about their own welfare, regardless of their loyalty in the past, there is a greater likelihood that they may turn on their employers. When employees feel that their position is threatened, or they are on notice, they may look at sensitive data as a valuable commodity that can be used for their own gain – to the detriment of their employer,” says Colm Murphy, technical director with Espion.
“As companies take steps to safeguard systems and data from external attacks, they need to turn their attention to the threat that exists from within the company.”
Murphy highlights the need for companies to incorporate inside threats in to the Information Security programmes. “Insider data theft often goes unnoticed as the perpetrator has all of the required permissions for accessing data. No alarms are triggered and the crime can be committed virtually undetected.”
In today’s digital world, a company’s most valued, sensitive data is no longer under lock and key. Information is stored in files and folders, accessible virtually and in daily use by huge numbers of users. Keeping it secure from an internal breach, while allowing it to remain accessible to the majority of non-malicious employees, is a challenge.
“Not only is digital information easy to access from the inside, removing it is also quite straightforward. Email, printed copies and USB memory sticks make the transfer of stolen data extremely quick, easy and very discreet,” adds Murphy.
Combating Insider Theft
-Review the lists of which employees have access to which parts of the network – restricting access to sensitive material to less people.
-Ensure computers are equipped with programs that required difficult to crack passwords and password-protected screensavers.
-Administrator privileges that give users broad access to systems should be tightly managed. Although users often request rights to carry out legitimate activities, such as a defragmentation, they could also use this ‘access all areas’ for more malicious reasons.
-Watch out for any users repeatedly trying to access data they are not supposed to.
-Deploy monitoring/alert systems to provide real time alerts to suspicious network activities.
-Audit paper and electronic documents of any employees leaving the organisation.
-If there is a notice period, the IT department should actively monitor employee’s access to the network to make sure sensitive and confidential data is not being downloaded or send to the employee’s personal email account. Additional measures should be considered in the event of an acrimonious departure, those employees that leave an organisation on bad terms are more likely to steal data.
-Ensure that as an employee leaves an organisation they no longer have any access to the company’s networks – they can not log-in remotely from home etc.