Chief Security Strategist
  • Security
The biggest threat to your company’s information security could be sitting two cubicles away from you. Make no mistake. Outside threats are real and shouldn’t be ignored. But the greatest risk to enterprise information security today is the insider threat.

Insider threats involve actions taken by employees that have an adverse effect on your company. They may be purposely malicious in nature—such as stealing information for personal gain or corrupting data for revenge—or simply accidental. Regardless of intent, the risk is real and must be mitigated. Here are some strategies that will help:

  • Encrypt your data: Highly critical data should be encrypted, both in-flight and at-rest. Don’t allow confidential information to be sent via email unless it’s encrypted. And make sure sensitive data on laptops, tablets, and USB devices is encrypted to protect that information in the event those devices are lost or stolen.
  • Implement multi-factor authentication: Multi-factor authentication requires a user to provide multiple credentials—such as a password and a token—before being granted access to an application or data set. Unless the user can provide all of the credentials required, their access is denied. Using multi-factor authentication makes it more difficult for an insider breach to occur.
  • Plug the leaks: Data loss/leakage prevention (DLP) solutions can be used to monitor data transmissions to help guard against sensitive or confidential data inadvertently being transmitted outside of your corporate network—either by flagging issues that are found and warning users or by blocking transmissions entirely.
  • Arm your people with knowledge: Most security incidents caused by insiders are accidental; a corrupted email attachment is opened without thinking of the consequences or sensitive company information is shared with a third party by mistake. Security awareness training is critical. Inform employees about the latest phishing tactics. And be sure they understand corporate security policy and how to follow it.
Take action now to protect your information assets from insider threats. Train your employees to recognize the danger. And implement a comprehensive security program that includes data encryption, multi-factor authentication, and DLP to help keep critical business information out of the hands of the wrong people.

Comments

Load more comments
Thank you for the comment! Your comment must be approved first
* Required
comment-avatar

Ready To Begin? Contact Us Today.

Request A Presentation