What Is the “Insider Threat”?

What Is the Insider ThreatCompanies trying to stay on top of their IT security have heard the buzz about the “insider threat” posed by our increasingly cloud-based and mobile work habits.  The problem of legitimate users accidentally or intentionally leaking confidential data is one that many organizations have been complacent about to date.  Many business leaders misunderstand the insider threat and exactly how sensitive information gets leaked or stolen.

Awareness is increasing about the threat itself and the shortcomings of ‘traditional’ security tools to mitigate the insider threat.  Exactly who is a potential threat and how do they compromise the security of your most sensitive information.  Here’s everything you need to know.

Who comprises the insider threat:

  • Current employees. Employees are, ironically, the biggest risk to a company’s own IT security in the age of the insider threat.  That’s because employees are increasingly accessing their company’s private data from a multitude of devices both on and off campus, often on public Wi-Fi networks.  The threat here is not disgruntled employees selling the company out, but perfectly loyal employees whose device security simply isn’t up to speed.
  • Former employees. While less common, former employees can also accidentally disseminate data and become an insider threat.  They may have reams of company files saved in their My Documents folder on their laptop or other places, and while they tend to forget about it after they leave that doesn’t mean it can’t be stolen by others.
  • Clients, partners and contractors. Companies frequently share data with numerous people and organizations, and each one comes with its own security risks.  You may not want to come across as the information police when working with clients, and may need to set up access for subcontractors on the fly even though they aren’t familiar with company security policies.  But just because partners sign confidentiality agreements does not mean their information security is comparable to your own.

 

How the insider threat works:

The insider threat tends to become a problem in one of three ways: mobile, stored data, and malice.

Mobile devices are more vulnerable than they seem. While many companies forbid staff from handling sensitive information on personal devices, employees routinely ignore such policies simply for the sake of convenience.  And mobile phones can be compromised not only by hackers or third party apps, but simply by being stolen.  If a saboteur wants your company information, it’s a lot easier to steal the CEO’s phone than it is to hack your file server.

Stored data is a problem for similar reasons. Staff may put sensitive information on a USB stick or save it to their laptop to work on it, not realizing this creates an unsecure copy.

Sometimes, the insider threat consists of employees with malicious intent. While it’s uncommon that an insider willfully sells out their own employer, it’s a possibility that you need to prepare for.

 

Solutions

While the insider threat can never be completely eliminated, smart companies can protect themselves.  This requires new mobile security solutions that are specifically designed for a distributed, BYOD-friendly atmosphere.  Not only do these solutions protect your data, they also make it easier for your employees to work on it—with total peace of mind.

 

Photo credit marsmet tallahassee

Comments 1

  1. This is very timely considering the announcement made by the US government yesterday that there may be another Edward Snowden on the loose.

Leave a Reply

Your email address will not be published. Required fields are marked *