By Alan Kessler, CEO-Vormetric
A core element in every one of the recent financially motivated hacks and nation-state attacks (like the one that affected Sony Entertainment) is insiders or their compromised credentials. Employees with legitimate access, service providers or contractors that maintain infrastructure, and privileged users are all both possible actors and potential attack vectors when their credentials are compromised.
The last 12 months have seen continuous loss of data as organizations globally have had to publicly admit their security shortcomings. But recent headlines have made data breaches a larger board-level concern.
In conjunction with Harris and Ovum, Vormetric recently delivered its third Insider Threat Report. Global findings include:
The good news? The situation is not hopeless. Organizations should limit business system, partner and employee access to corporate data to no more information than they need to fulfill their specific roles.
For far too long, system administrators and business users with privileged access to the most sensitive corporate data have had open access, with few controls placed on their rights of entry. Understandably, concerns over privileged user access are at the top of the agenda for most senior managers. They now understand the damage that a rogue user with admin rights can do, and they recognize that if this type of user is not properly monitored and controlled, the damage can be far-reaching.
Ultimately, the types and needs of users that should be taken into account when putting together an insider threat protection strategy are diverse and continue to grow. Employees, business partners, suppliers, service providers, contractors and malicious outsiders can each put corporate data at risk. It's high time we enforced controls that maintain the right levels of accessibility.