Protect Your Data From Internal Attacks

While Hollywood may love the image of the hacker lurking in the shadows, stealthily pillaging from across cyberspace, the reality is that threats from inside your network, whether intentionally malicious or unintentionally hazardous, are by far the greater problem in online security.

An inside threat can be as innocuous as an employee unknowingly clicking on a seemingly secure link in an email, opening up an opportunity for a malicious and soon-to-be-ex contractor to scorch your servers and sell secrets to your competitors.

A Vormetric study reports that 44% of US companies experienced a data breach or failed compliance audit in the last year. In fact, many of the most newsworthy breaches (like Target, Home Depot, and the Office of Personnel Management) came from internal weaknesses.

Anger meets misconfiguration

Innocuous or intentionally malicious, internal threats appear in the form of disgruntled employees, or those who merely seek to bypass security procedures they perceive as onerous. The misconfiguration of web-based applications and cloud-based infrastructure, are all too common. The added insecurity of un-vetted, often un-savvy contractors and consultants and the plethora of mobile devices in the workplace make company data ripe for even unsophisticated hackers.

Using these inside weaknesses in your perimeter security, hackers gain access to your networks and exfiltrate sensitive and valuable data. In the case of the infamous Target breach (which resulted in both the CEO and CIO losing their positions), thieves used credentials from one of the corporation’s refrigeration vendors to steal payment information and data from more than 70 million customers. Who would've thought that the company providing refrigeration would be the way into your entire internal network?

An ongoing battle

Protection from internal threats requires multi-pronged, ever-evolving approaches. Management and IT security professionals need to start by examining and securing internal weaknesses and recognize them as a major threat. This applies to people as well as computer systems.

1. Organisations need to understand the applications accessing their networks and move past the legacy ideology of “safe” and “unsafe” products

Operating systems have long been proven vehicles for attack. But even products built for safety can be vulnerable, like the recently uncovered flaw in Trend Micro’s antivirus software.

Two of the key elements in security are layering and segmenting. Layers of protection start with your firewall, move through your network and end on with individual users. Segmenting your network prevents intruders from getting everywhere once they break in somewhere. This was one of Target’s mistakes. Safety is not a place one reaches, but a state that requires vigilance. Seeing your network as one amorphous blob does nothing to help secure it.

2. Password protection efforts are only as strong as the passwords themselves, and then only if teams and workers don’t share them in an effort to simplify workflow

Ashley Madison reminded us that the most popular passwords are 123456, abc123 and Qwerty. Because passwords are keys to the kingdom in your business, they need complexity. Your systems must note length, content and repetition and should require new passwords at regular intervals.

More than that, companies need to take steps to prevent credential sharing. Single sign-on simplifies logins and cuts down on sharing. Allowing users to login from only one computer at a time also helps. Two-step authentication, especially for access from outside, can significantly reduce hackers’ chances of getting into your network. All this is slightly more inconvenient for employees, but holds exponential benefit for securing your network.

3. Trust contractors (with caveats)

Companies must vet anyone who has access, be it employees or contractors, to ensure that the people using those access points are both ethical and properly trained in how (and why) security protocols are mission-critical. A code of ethics, an acceptable use policy and getting an overview of their company’s IT security are a good place to start. From unidentified USB devices to unsecured WiFi Networks, employees must realize how they can unwittingly become the entry point for external malware. Teach them the ropes in plain English, and your human factor won’t be as vulnerable.

4. Have an eject button

When workers leave, be sure they’re really gone. Create off-boarding lists for what to do about closing accounts and turning in devices to ensure that they don’t take data access with them. When someone enters your network, make sure they’re found before damage is done, through active breach detection or otherwise. Regular security audits are an essential tool to know who is accessing your network. And be sure to keep up on current vulnerabilities so you can plug any new holes.

5. Educate, educate, educate

Rebooting and being on hold with tech support sums up most people’s experience with IT. The average person does not understand the intricacies and threats to network security. IT departments need to continually educate workers with short, 5- to 10-minute presentations on topics from passwords to email attachments to BYOD. Do remember that the Sony hack was only possible because a worker pulling an email out from their junk folder, and then opened the attachment. Securing the human factor is the hardest, but most rewarding part of IT security.

The good news

After years of chaos inside of the perimeter, teams can now access more mature network detection tools. The cloud and data analytics make it possible to identify breaches before any damage done, and remediate them without incident. As breaches continue to infiltrate every facet of business and life, accessing the most modern protections available will continue to be worth its weight in (data) gold.

Net-Security: http://bit.ly/1Q5ayL0

« US Agreement With The UK Allows Data Access To Private Companies
NSA Is Merging Hacker And Anti-Hacker Teams »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Privacy Professor

Privacy Professor

Privacy Professor provides information privacy, security and compliance services, tools and products to organizations in a wide range of industries.

GuidePoint Security

GuidePoint Security

GuidePoint Security provide information security solutions that enable commercial and federal organizations to more successfully achieve their security and business goals.

Clavis Information Security

Clavis Information Security

Clavis is an Information Security company offering a complete portfolio of solutions from Pentesting and Security Assessments to Managed Security Services and Training.

Agility Networks

Agility Networks

Agility Networks is a technology company providing integrated services and solutions for Digital Transformation and Cyber Security.

CIBR Warriors

CIBR Warriors

CIBR Warriors are a leading cyber security and networking staffing company that provides workforce solutions with businesses nationwide in the USA.

DoControl

DoControl

DoControl gives organizations the automated, self-service tools they need for SaaS applications data access monitoring, orchestration, and remediation.

Digital Silence

Digital Silence

Digital Silence is a world-class provider of information security research and consulting services.

Morpheus Enterprises

Morpheus Enterprises

Morpheus Enterprises offer managed security solutions designed to keep your web applications secure and your business running smoothly.

AHAD

AHAD

AHAD provides cybersecurity, digital transformation, and risk management services and solutions to Government, Fortune 500, And Start-Up Companies in the Middle East region.

PatchAdvisor

PatchAdvisor

PatchAdvisor core services include Vulnerability Assessments/Penetration Testing, Application Vulnerability Assessments, and Incident Response.

Halcyon

Halcyon

Halcyon is the industry’s first dedicated, adaptive security platform focused specifically on stopping ransomware attacks.

Dexian

Dexian

Dexian is a leading provider of staffing, IT, and workforce solutions with nearly 12,000 employees and 70 locations worldwide.

Ivolv Cybersecurity

Ivolv Cybersecurity

Ivolv is here to assist your organization in building effective protection and resilience against cyber attacks.

Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

IMC2 brings together resources to carry out ambitious, innovative and multidisciplinary projects in the field of cybersecurity and cyber resilience.

Resmo

Resmo

Resmo is an all in one platform for SaaS app and access management for modern IT teams.

Secure Cyber Management

Secure Cyber Management

Secure Cyber Management provides industry-leading cloud security advice, guidance and services.