Most data leaks arise from insiders doing things they shouldn’t. In a recent Digital Guardian article, 47 security consultants were unanimous in saying that insider actions were a more significant threat to your data than being hacked by outsiders. Insider data theft happens more often, and they have a higher potential to be catastrophic than outsider attacks.
Most incidents are non-malicious and happen through ignorance or by accident. Your top priority must be to protect your company from the massive financial and reputational consequences of any insider data theft.
You can’t be everywhere, and your company’s security comes down to employees seeing it as essential, rather than something to try to find workarounds for. Each individual must take responsibility for his or her own actions and those of their fellow team members. Individuals should act if they see another employee about to do something wrong.
Prevention is the best approach:
Staff will accept these security measures when you make clear that the company’s existence depends on total data security. Make any breach a severe disciplinary issue that could lead to termination of employment.
This Information-Age article goes into greater detail on establishing a cybersecurity culture in your company.
A ‘Bring Your Own Device’ (BYOD) policy might save your technology budget, but represents an unacceptable risk of data leakage. Employees’ tablets and phones could be used by family members who would then be able to access any company data on the device.
Provide mobile devices to those who need them and ensure all files are encrypted. Use encrypted cloud storage services rather than allowing storage to local hard drives and disks.
“My employees should be grateful for a job” is an attitude that will ensure they reciprocal belligerence and negativity.
You are buying someone’s time when you give them a job; you don’t buy their soul. And you definitely don’t buy loyalty.
Loyalty needs to be earned, and the way to do that is to respect each person on your payroll for their individuality and experience they bring to your operations. If you respect employees, they are more likely to respect your business and cooperate in security matters.
Snort from Snort.org, lets you detect unusual activity on your network that might be the precursor to an employee running off with your database.
Snort’s cost is well worthwhile and it will more than pay for itself if it detects just one disgruntled employee before he or she does any damage.
You might be able to sleep at night when you have put all the steps above in place, but would your confidence be justified? How do you know you are safe?
The only guaranteed way to judge the efficacy of your precautions is to pay someone to test them.
You could pay a freelance hacker you find online to try to get into your computers, but you have no way of telling how good the hacker is. Nor do you know what he or she will do if they manage to breach your defenses. Will sell what they found to another hacker or publish your vulnerabilities for all to see?
A professional security assessment from a reputable company like Bulletproof (bulletproof.co.uk) will come at a significant cost, but you will know your data is safe.
If you treat a professional vulnerability assessment as insurance, its value becomes apparent. Having a security consultant visit your premises and check your physical and network security is the only sure way you have to guarantee against insider data theft.
You can do a lot to protect your business from insider data theft by instilling data-security as part of your company culture. However, once you have done everything you can think of, you need to pay a professional to see just how secure you are.
If you are interested in even more business-related articles and information from us here at Bit Rebels then we have a lot to choose from.
Evan Ciniello’s work on the short film "Diaspora" showcases his exceptional ability to blend technical…
It’s my first time attending the BOM Awards, and it won’t be the last. The…
Leather lounges are a renowned choice for their durability and versatility. In the range of…
Charter jets are gaining in popularity, as they allow clients to skip the overcrowded planes…
Cloud computing has transformed how businesses operate, offering flexibility and efficiency at an unprecedented scale.…
Live betting is the in thing in the online betting industry. The ability to place…