Insider Threats: How Co-Workers Became a Bigger Security Headache

One of the biggest security threats to your team might be the person working right beside you.

Insider threats, which can take the form of either malicious or careless employees, are not only an ongoing problem for many security and IT teams; they are also a costly one, as well.

Reduce Security Risk

Despite increases in insider threats, there are several tech strategies that enterprises can deploy to help mitigate some of these security incidents, suggested Steve Durbin, the managing director of the Information Security Forum, a London-based cybersecurity and risk management firm.

Durbin’s checklist includes security best practices and tech deployments, including:

• Identity and access management solutions.
• Desktop solutions that enforce data classification, for example by encrypting confidential documents before emailing, or by preventing highly confidential documents to be emailed to external addresses.
• Data loss prevention (DLP).
• Event logging and monitoring.
• Remote wiping of mobile devices.

The Information Security Forum also offers a checklist for companies that includes ways to evaluate employees before they are hired, inducting new workers into a firm’s security practices, evaluating people as they develop and how to change their behavior, and finally how to remove someone who is a threat and revoke his or her privileges.

“All these actions can be supported by awareness and training,” Durbin told Dice. “The trust organizations are placing in insiders has grown with advances in information technology, increasing information risk and changing work environments. This trend will continue as the volume of information insiders can access, store and transmit continues to soar—and mobile working for multiple employers becomes the status quo.”