The growing threats of 2022 are not just the numerous zero-day threats, the problems of work from anywhere, and the largest number of attackers ever; but also the threats of handling users who may not have the best of intentions within your organization. We are witnessing in the business space a large number of employees considering resigning, (see the "Great Resignation" that has been talked about in various business publications), and with a workforce that may consider leaving an organization, less savory individuals may be evaluating how much your companies' data is worth.
This is, of course, the Insider Threat - the individuals within an organization who may decide to sell or exfiltrate data and harming your business. And the question becomes, how can you secure it?
Traditional data security would involve strict perimeter protections, and control over where the data is at all times. But we are seeing diversified technologies, and an increase in cloud storage means securing data is a lot harder. Especially with limited resources, and staffing issues with the aforementioned "Great Resignation".
What does this mean? For Security professionals it means that we have to spend time and energy securing the data, then creating a process or finding a solution to verify that the employees aren't taking risks with critical data, or using it ways that are improper. But with work from anywhere, this becomes extremely difficult. Access control is only the first part of the problem: your employees need access to do their jobs, and taking away access doesn't allow them to do the job.
With any employee with the right privileges, your data can go wherever it needs to. There are numerous technologies you can use to track data in transit, and even analyze certain behaviors, but at one point there is really only one way you can handle this problem...
Human intervention. You need people to review data policies, to review activity, and to provide analysis of those two factors in order to determine if a next step should be taken to prevent full exfiltration of valued data.
What you can do while figuring out how to make that process, is looking for patterns which could indicate a potential bad actor:
Consistently Poor Security Habits
Inconsistent Following of Data Security Practices
Understanding who *might* be at risk of taking your data will help you create a criteria for protecting it. And... sometimes just helping make an employee more productive by resolving their concerns might solve the problem by itself as well.
If you're not sure how to handle these issues, or want a deeper dive - feel free to reach out to London Security Solutions today!