Back in May, the “WannaCry” virus started hitting computer systems across the globe. Spread via a simple e-mail phishing scam, the virus exploited a Microsoft vulnerability to hijack victims’ computers, locking and encrypting data so that it became impossible to access without the decryption key. The cyber attack crippled highly sensitive servers worldwide, bringing, amongst others, the UK’s NHS, FedEx and Germany’s rail systems to a grinding halt. All in all, 150 countries and 300,000 computers were affected, causing financial losses estimated to be in excess of $1 billion.
The attack may have brought renewed attention to looming cyber security threats facing governments and business, but one overlooked aspect was the role lax internal security procedures played in the infection and rapid proliferation of the virus. In fact, a Clearswift report has found that 58% of data security threats arise from either current or former employees or authorized partners, while a Forrester survey states that 50% of breaches occur due to errors or accidental misuse on the part of internal users. Intel/McAfee studies show that 68% of these breaches cause a negative financial or public impact on businesses.
In this environment, it’s clear that protecting your business against internal threats is a matter to be taken seriously. Here are 5 steps to take to ensure data security.
Restrict Access to Systems
You do not want unauthorized individuals accessing your company’s data. Run a review of employee access controls, and revoke privileges for employees who have been given access to data they don’t need. If possible, try to limit system access by physical location, for example granting authorization based on department, floor or the device being used. Ensure that servers and computers are only accessible to appropriate members of staff, and try to limit remote access capabilities.
Training and Education
Potential vulnerabilities might seem obvious to experienced IT personnel, but many employees will not be aware of common methods employed by cyber criminals, and may not fully understand the threat that misuse and unintentional errors can pose to a company’s assets. Make sure that employees recognize why certain policies are in place, and that they are doing their part to secure their systems and credentials as much as possible. Employees must be strictly warned off opening any suspicious e-mails, and guidelines should be in place for noting and reporting any potentially malicious activity.
Effective Security Begins at the Recruitment Stage
Your HR department should be running a thorough background check on new employees before they are hired. Amongst other things, an employee’s identity and employment history should be verified, and companies should be aware of any past criminal convictions or controversies the individual has been involved in.
Part of the induction process should include stressing the importance of data security. The new employee should be well aware of the compliance guidelines in place to ensure that they are in line with company policies.
Good Password Management
Make sure that employees are using complex passwords that aren’t duplicated across accounts. Two-factor authentication solutions that require a secondary verification step before access is granted will further serve to protect data. Concurrent logins on the same credentials should be prohibited, as this discourages the sharing of usernames and passwords. Passwords should be changed regularly, but make sure nobody is writing theirs down; encourage employees to use mnemonics or other such memory devices to remember their passwords. Once employees have left the company, their credentials should be disabled immediately so they are no longer able to access sensitive information.
Monitor and Evaluate
Implementing real-time monitoring solutions, such as LepideAuditor, into your business will allow you to track changes in the system and log employee activity. Such a system can also alert IT managers to any suspicious spikes in traffic or unauthorized changes. Users should also be made aware that their activities are being monitored, as this will act as a strong deterrent to malicious activity and encourage policy adherence.