Views

Are you the biggest cyber threat to your employer?

Poor policies, negligence, even a step to boost productivity, can allow outsiders to attack company computer systems

Many are aware of the threat posed by malicious insiders. But it is not only the malicious you need to worry about - don't underestimate the threats posed by human error and even some good intentions.

The most common problems for businesses include system misconfiguration, poor patch management, using default settings and weak passwords, lost devices, and sending sensitive data to a wrong e-mail address.

Some of these problems could be caused by an individual's poor decision or a slip of the mouse. It could be something as simple as clicking "reply all" on an e-mail. But some are the result of poor policy or poor management.

System configurations and patch management should be matters of organisational policy and should be periodically assessed.

We will never rid ourselves completely of mistakes but, with many organisations finding that negligence is the root of most incidents, there is vast room for improvement and a definite need.

With the damage caused often amplified by excessive permissions, organisations need to get a firmer grasp on their privileged accounts and remove access where it is unnecessary.

Any employee with unconstrained access could, accidentally or maliciously, become a dangerous insider.

Most employees just want to do a good job and be recognised. Many go out of their way to do their jobs efficiently, and that too can pose a problem.

It is not uncommon for employees to install unauthorised wireless access points to make it easier to connect to the network throughout the office.

These points can improve productivity and worker satisfaction but, unknown and unmanaged by administrators, they also create security gaps that can be exploited by attackers to gain access to the organisation's network.

Workers often see security as a roadblock rather than an enabler.

When this happens, they will find ways around policy in order to do their jobs more easily and become insider threats.

Honest insiders are also targeted by malicious outsiders through the use of social engineering.

E-mail phishing (and spear-phishing to target high-value individuals) is still one of the most common types of social engineering.

Attackers have become increasingly sophisticated in their approaches, unwittingly drawing employees in.

THIRD PARTIES

Insider threats do not stop with employees. Third parties are also able to present potential threats.

Contractors, business partners and links across the supply chain all present threats that can be used to compromise your network from the inside.

One of the key threats we see is attackers actively targeting highly permissioned users, looking for those individuals or accounts which can open the doors to the rest of the organisation and the valuable data held by them.

The first line of defence against the well-intentioned insider becoming a threat is awareness and training.

Business leaders need to engage with their security teams to ensure that they have the correct measures in place to protect themselves, shut down attacks and the ability to report back on attacks faced, and the resulting implications for customers or business data.

The writer is Vice-President of Solution Engineer, Asia Pacific and Japan, CyberArk

Technology