How about this statistic for starter? A recent article states that “a third of ex-employees have access to company data and 9 percent have used their access privileges”. With this shocking statistic for some, it is raising fears of the insider threat being a lot larger than what they perceived it to be. The question here is how is this even possible in a time where data breaches are almost happening on a weekly basis and most definitely popular well known organizations have come up in headlines at the very least once a month.
Most of the time we hear of accidental, non-malicious acts of insider theft, but it was also stated that some of these ex-employees were aware that their access rights had not been revoked. Although very malicious, these issues could’ve been resolved very easily, yet it was not. Yes, changing passwords or deactivating accounts was one easy way this could’ve been solved, but a better approach too would be to encrypt all the IP that they have access to. Once they leave, there access can be revoked to these files, and there access thereafter would’ve been denied to these confidential files.
Auditing and just knowing where the data is not good enough, as it will only tell you where the data is, but ultimately, the data will be leaked without the proper file security, such as digital rights management (DRM).
Remember data needs to be protected persistently, whether it is stored, being used, being transmitted, or even after it has been transmitted. DRM is considered to be the only complete and effective solution that protects you against unwanted information leaks from current or ex-employees.
In a time like this where data breaches and insider threats happen way too often, it is important for every CEO to be attentive to these issue and select the right solution to prevent unauthorized access to an organization’s intellectual property.
Photo Credit: walknboston