Insider Threats: 10 Ways To Protect Your Data - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // Digital Business
News
11/18/2015
07:06 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Insider Threats: 10 Ways To Protect Your Data

While IT focuses on outside threats, danger lurks from within -- your employees. Whether intentional or unintentional, data breaches resulting from workers mishandling data can be prevented. Here's a look at 10 ways it can be done effectively.
Previous
1 of 12
Next

(Image: succo via Pixabay)

(Image: succo via Pixabay)

With so much attention placed on protecting corporate infrastructure from external threats, it often comes as a surprise to IT leadership that over 40% of data loss is the direct result of internal threats. While we must generally think of our employees as trusted individuals, their mishandling of data -- both intentional and unintentional -- is a tremendous risk in the world of IT security.

The situation is not helped by the changing ways workers are interacting with and handling data. The Bring Your Own Device (BYOD) movement has made employees lives much easier, now that they can perform work duties in ways that before were difficult and in places previously unreachable. But at the same time, BYOD has also introduced far more ways for data to leak out of IT's protective hands.

As a result, IT administrators must begin to think more seriously about internal machine-to-machine transactions -- and how they pose as much of a threat of data loss as employees do. The Internet of Things (IoT) will undoubtedly increase the risk of machine-account theft and usage. Adding to the risk is the fact that machine-account security standards are far less secure when compared with employee user accounts.

[Read 14 Security Fails That Cost Executives Their Jobs.]

Needless to say, simply preaching about employee education and patch management won't quite cut it in today's ever-growing problem of data loss, which, along with associated downtime, costs enterprise organizations around the world $1.7 trillion a year. IT security, with IT leadership championing the effort, must move well beyond the basics.

The following pages present 10 different ways your organization can help reduce the risk of internal data breaches. Most enterprises have likely implemented one or more of these security practices. But there might be some methods listed that many may not have thought of or seriously considered.

Take a look and tell us what you think of our list. Are there other data security measures that your organization uses? Let us know in the comments section below.

Andrew has well over a decade of enterprise networking under his belt through his consulting practice, which specializes in enterprise network architectures and datacenter build-outs and prior experience at organizations such as State Farm Insurance, United Airlines and the ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 12
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
tzubair
50%
50%
tzubair,
User Rank: Ninja
11/25/2015 | 5:10:03 PM
IoT and security
"The Internet of Things (IoT) will undoubtedly increase the risk of machine-account theft and usage."

I think the IoT will bring in interesting challenges to information security as autonomous machines begin to communicate. The authentication protocols will be totally different. However, the IoT platform has its own security mechanisms as well to ensure the environment is kept safefrom external attacks. The challenges are interesting but don't seem to be very seriously threatening.
tzubair
50%
50%
tzubair,
User Rank: Ninja
11/25/2015 | 5:05:56 PM
Re: Role based authorization
"However, if there is only one person with the supervisory privileges and if he/she falls sick the whole operation will stop. As an example, in a bank only one person is there to authorize the payments after a certain level. "

@shamika: That does create a problem but there are ways to go about it. You can assign multiple people the roles and their roles only become active once the primary personnel is not available. He/She needs to pass on the role to someone else who's next in the line.
shamika
50%
50%
shamika,
User Rank: Ninja
11/24/2015 | 9:59:26 PM
Re: Role based authorization
"Alert IT security when abnormal employee behavior on corporate resources is happening" . This initiative will definitely add value. This is more relevant to areas such as banks, where they deal with more sensitive and confidential data of customers.
shamika
50%
50%
shamika,
User Rank: Ninja
11/24/2015 | 9:54:35 PM
Role based authorization
Role based authorization is a good initiative. However, if there is only one person with the supervisory privileges and if he/she falls sick the whole operation will stop. As an example, in a bank only one person is there to authorize the payments after a certain level. 
shamika
50%
50%
shamika,
User Rank: Ninja
11/23/2015 | 4:41:25 AM
USB ports
This is an interesting article. Data protection has become vital irrespective of the industry. Most of the companies restrict access to USB ports.
Commentary
Enterprise Guide to Edge Computing
Cathleen Gagne, Managing Editor, InformationWeek,  10/15/2019
News
Rethinking IT: Tech Investments that Drive Business Growth
Jessica Davis, Senior Editor, Enterprise Apps,  10/3/2019
Slideshows
IT Careers: 12 Job Skills in Demand for 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/1/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll