This year has really been the year for the insider threats as employees or former employees have either maliciously or unintentionally caused data exposure. Even as late as November of this year a former employee of a major beverage company filed a lawsuit against the company because of negligence, breach of contract and a number of other violations. The data breech occurred over a six year period from 2007 to 2013, when a former employee routinely too company laptops that contained personal employee information and kept them for future use. These kinds of problems have definitely kept CEOs up at night thinking of how to address this problem.
This year’s insider threats have caused enough of an impact for the Department of Homeland Security and the FBI to issue a warning regarding them. According to the 2014 Verizon Data Breach Investigations Report, one of the key attack categories was classified as insider misuse, with 11,698 instances reported. The primary driver of insider theft is financial gain, or fraud.
Now the question here is how do we protect ourselves against insider threats when they could very much be people that we have trusted our sensitive data with? Although there are several security measures that are out there, they do not fully address the insider threat. With many different solutions in use there are bound to be gaps and some of these solutions are not designed to protect the data itself from the insider threat. One of the solutions out there that is focused on protecting actual data itself is digital rights management (DRM).
Fasoo Enterprise DRM provides encryption for all documents from the creation and is monitored throughout their entire document lifecycle. No other security technology is designed specifically to classify every file, apply policy to it and monitor it from the moment of creation. A DRM protected document uses an encryption in this solution to protect and manage sensitive documents in any environment whether it is saved to a PC, downloaded from a server, printed, or sent by email.
More and more organizations are addressing the insider threat, not just because they perceive this to be a problem, but also but also increasingly because they have been a victim of a data breach through an insider’s carelessness or malicious behavior. To protect against the insider threat, they need to look beyond the traditional security technologies that they have already deployed for pervasive protection of data. To this end many are overcoming previously held misconceptions and turning to DRM.
In comparison to other conventional security technologies, DRM arguably provides superior protection against insider threats. It provides protection against insiders who could be abusing their insider access accidentally or maliciously while enabling legitimate users to safely and appropriately access data. It provides protection against insiders who could be abusing their insider access accidentally or maliciously while enabling legitimate users to safely and appropriately access data. That should see many CEOs get a better night’s sleep.
Photo Credit: DonkeyHotey
