Data Breach Response Plan: Protect Your Workplace Against Insider Attacks
A new report shows that 89% of organizations are “vulnerable to insider attacks”.
According to the 2015 Vormetric Insider Threat Report, only 11% of respondents (consisting of over 800 global IT decision makers) felt that their organization is secure.
At the same time, the 2016 Data Protection & Breach Readiness Guide by Online Trust Alliance (OTA) found that nearly 1/3 of data breach incidents in the first half of 2015 were caused by an insider, either by accident or by malicious intent.
Here’s what every organization needs to know about insider attacks:
Panama data breach sets the tone
Security experts now speculate that an insider was involved in the Panama Papers leak, which exposed 11.5 million records and is one of the largest data breaches ever.
Despite the alarming statistics and case studies pointing to insider threats as the largest cause of security breaches, over 30% of organizations still don't have any security measures in place against insider threats, according to a SANS Institute Report.
According to OTA, 91% of data breaches that occurred from January to August last year could have been prevented with controls such as patching a server, encrypting data, or ensuring the mobile workforce doesn’t lose their laptops.
While an insider threat is generally regarded as a threat that comes from someone within the organization, the definition has expanded to include ‘virtual’ insiders (outsiders who have stolen user credentials), third-party service providers, and business partners with inappropriate access rights. Organizations are urged to define security requirements with vendors, and conduct due diligence with new, existing, and departing employees.
Privilege creep is when users over time gain access rights beyond their requirements. According to Vormetric, only 58% of organizations are able to control privileged users. What's best? Protect the most sensitive information with several levels of security including passwords, multi-factor authentication and encryption.
Spotting typical insiders
Characteristics of typical insider fraudsters include behavior changes such as pulling up data at odd times, general unhappiness with their job, and not taking vacations. Monitor employee activity on corporate networks, and introduce a workplace ‘tips’ line.
Any organization that handles clients’ sensitive information (think law firms and financial institutions) should be on high alert. In March, the FBI warned that international law firms were being targeted by hackers.
All organizations are encouraged to improve data management to identify where confidential information gets stored, who can access it, and whether there are sufficient safeguarding controls. There should be a data breach response plan too. Educate employees about appropriate handling and protection. Embed secure workplace processes that extend to mobile devices too.
Manage old records
Almost 40 years of confidential information was obtained from the internal database of the law firm in the Panama Papers leak. Review how old records are safeguarded. Take digitized records offline, and place them in secure storage. Don’t collect information you don’t need, and purge information that doesn’t need to be retained. The safest way to secure information when it is no longer needed is to destroy it in a secure manner. Partner with a document destruction company for secure destruction of digital and paper documents.
Data security best practices in the workplace have never been more important.