Protect Your Data From Internal Attacks

While Hollywood may love the image of the hacker lurking in the shadows, stealthily pillaging from across cyberspace, the reality is that threats from inside your network, whether intentionally malicious or unintentionally hazardous, are by far the greater problem in online security.

An inside threat can be as innocuous as an employee unknowingly clicking on a seemingly secure link in an email, opening up an opportunity for a malicious and soon-to-be-ex contractor to scorch your servers and sell secrets to your competitors.

A Vormetric study reports that 44% of US companies experienced a data breach or failed compliance audit in the last year. In fact, many of the most newsworthy breaches (like Target, Home Depot, and the Office of Personnel Management) came from internal weaknesses.

Anger meets misconfiguration

Innocuous or intentionally malicious, internal threats appear in the form of disgruntled employees, or those who merely seek to bypass security procedures they perceive as onerous. The misconfiguration of web-based applications and cloud-based infrastructure, are all too common. The added insecurity of un-vetted, often un-savvy contractors and consultants and the plethora of mobile devices in the workplace make company data ripe for even unsophisticated hackers.

Using these inside weaknesses in your perimeter security, hackers gain access to your networks and exfiltrate sensitive and valuable data. In the case of the infamous Target breach (which resulted in both the CEO and CIO losing their positions), thieves used credentials from one of the corporation’s refrigeration vendors to steal payment information and data from more than 70 million customers. Who would've thought that the company providing refrigeration would be the way into your entire internal network?

An ongoing battle

Protection from internal threats requires multi-pronged, ever-evolving approaches. Management and IT security professionals need to start by examining and securing internal weaknesses and recognize them as a major threat. This applies to people as well as computer systems.

1. Organisations need to understand the applications accessing their networks and move past the legacy ideology of “safe” and “unsafe” products

Operating systems have long been proven vehicles for attack. But even products built for safety can be vulnerable, like the recently uncovered flaw in Trend Micro’s antivirus software.

Two of the key elements in security are layering and segmenting. Layers of protection start with your firewall, move through your network and end on with individual users. Segmenting your network prevents intruders from getting everywhere once they break in somewhere. This was one of Target’s mistakes. Safety is not a place one reaches, but a state that requires vigilance. Seeing your network as one amorphous blob does nothing to help secure it.

2. Password protection efforts are only as strong as the passwords themselves, and then only if teams and workers don’t share them in an effort to simplify workflow

Ashley Madison reminded us that the most popular passwords are 123456, abc123 and Qwerty. Because passwords are keys to the kingdom in your business, they need complexity. Your systems must note length, content and repetition and should require new passwords at regular intervals.

More than that, companies need to take steps to prevent credential sharing. Single sign-on simplifies logins and cuts down on sharing. Allowing users to login from only one computer at a time also helps. Two-step authentication, especially for access from outside, can significantly reduce hackers’ chances of getting into your network. All this is slightly more inconvenient for employees, but holds exponential benefit for securing your network.

3. Trust contractors (with caveats)

Companies must vet anyone who has access, be it employees or contractors, to ensure that the people using those access points are both ethical and properly trained in how (and why) security protocols are mission-critical. A code of ethics, an acceptable use policy and getting an overview of their company’s IT security are a good place to start. From unidentified USB devices to unsecured WiFi Networks, employees must realize how they can unwittingly become the entry point for external malware. Teach them the ropes in plain English, and your human factor won’t be as vulnerable.

4. Have an eject button

When workers leave, be sure they’re really gone. Create off-boarding lists for what to do about closing accounts and turning in devices to ensure that they don’t take data access with them. When someone enters your network, make sure they’re found before damage is done, through active breach detection or otherwise. Regular security audits are an essential tool to know who is accessing your network. And be sure to keep up on current vulnerabilities so you can plug any new holes.

5. Educate, educate, educate

Rebooting and being on hold with tech support sums up most people’s experience with IT. The average person does not understand the intricacies and threats to network security. IT departments need to continually educate workers with short, 5- to 10-minute presentations on topics from passwords to email attachments to BYOD. Do remember that the Sony hack was only possible because a worker pulling an email out from their junk folder, and then opened the attachment. Securing the human factor is the hardest, but most rewarding part of IT security.

The good news

After years of chaos inside of the perimeter, teams can now access more mature network detection tools. The cloud and data analytics make it possible to identify breaches before any damage done, and remediate them without incident. As breaches continue to infiltrate every facet of business and life, accessing the most modern protections available will continue to be worth its weight in (data) gold.

Net-Security: http://bit.ly/1Q5ayL0

« US Agreement With The UK Allows Data Access To Private Companies
NSA Is Merging Hacker And Anti-Hacker Teams »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IPVanish

IPVanish

IPVanish has its roots in over 15 years of network management, IP services, and content delivery services. Now we're bringing these finely honed skills to VPN.

Micro Focus

Micro Focus

Micro Focus is one of the world’s largest enterprise software providers. We deliver trusted and proven mission-critical software that keeps the digital world running.

NetMotion Software

NetMotion Software

NetMotion Software specializes in mobile performance management solutions to manage, secure and support the mobile enterprise.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

CyberSift

CyberSift

CyberSift is a cyber security provider. We develop threat detection software which needs no infrastructure changes as it integrates with almost any security tool.

Belden

Belden

Belden is a global leader in signal transmission and security solutions for mission-critical applications in enterprise and industrial markets. Belden brands include Hirschmann and Tofino Security.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

Nordic Cyber Summit

Nordic Cyber Summit

Nordic Cyber Security Summit addresses a wide range of technological issues from the IT Security spectrum and also provides a wider perspective from all aspects of the industry.

Red Points

Red Points

Red Points protects your brand and content in the digital environment.

Sonrai Security

Sonrai Security

Sonrai Security delivers an enterprise security platform focused on identity and data protection inside AWS, Azure, and Google Cloud.

Mindsight

Mindsight

Mindsight is a technology consulting firm with expertise from cybersecurity to cloud, disaster recovery to infrastructure, and collaboration to contact center.

Klaatu IT Security (KITS)

Klaatu IT Security (KITS)

Klaatu IT Security is a boutique provider of cyber security services, empowering our clients to prioritise and reduce their cyber risk.

Total Secure Technology

Total Secure Technology

Total Secure Technology provides trusted Managed IT Security and Managed IT Services for organizations looking to increase their cybersecurity defensive posture.

Systems Engineering

Systems Engineering

Systems Engineering is a SOC 2, Type 2-certified IT strategy and managed technology services provider.

Darwinium

Darwinium

Darwinium is a Cyberfraud Prevention Platform that provides scalable customer journey protection without complexity.

Neeve

Neeve

Neeve is an edge cloud platform transforming smart buildings and spaces, making them more secure, smarter, and more sustainable.