Johannesburg, 25 Mar 2014
Threats today don't always come from outside the firewall. One of the biggest dangers to your organisation is sitting at their desk right now. Employees have login details to your network, know how to bypass security measures and can easily evade perimeter defences. They have access to your most private data and some of them will try to sabotage your business, says John Mc Loughlin, MD of J2 Software.
However, not all insiders that pose a threat are malicious. Too many employees don't think before sending an e-mail, accessing a Web site, or taking files home with them to work on. Often companies don't actively monitor access to information, server resources and changing permissions.
Many of these issues will be removed by taking simple and automated steps to ensure everything is being monitored, whether it is access to security settings across the infrastructure or tracking user activity for malicious behaviour. While malicious insiders will try to destroy your infrastructure, or steal intellectual property, many insiders are merely careless and na"ive.
Too many organisations still underestimate the insider threat. "Being well informed is the first step to protecting your business. Laying out vast sums of money for perimeter defences, without considering what is happening inside your company right now, can be fatal. While malware detection and antivirus capabilities are effective in detecting worms, botnets, and drive-by downloads, they are absolutely useless in fighting the insider threat or targeted attacks. By far the majority of targeted attacks use legitimate credentials from compromised accounts to steal data from their victims."
Mc Loughlin says data theft, identity theft and data leakage are on the rise, and although businesses will almost certainly have policies in place, they are more often than not never enforced or monitored. Most businesses have no idea that there are simple and fully automated solutions which can ensure your users remain complaint, he adds. "Unfortunately, the majority of businesses don't have a clue what their staff are really up to on the company network, or whether employees who no longer work there still have access to resources. This lack of visibility can be devastating. Research has shown that up to 80% of data breaches originate from trusted users, not from outside threats. Companies need to ask themselves how much of their data they are willing to part with."
Over and above the loss of sensitive data, a tighter regulatory environment means that businesses cannot be lackadaisical about data security. "A breach can cost a business, not only in lost data and reputation, but in fines from regulatory bodies. There is an increasing list of local and international statutory compliance regulations such as POPI, King 3 and the New Companies Act which must be adhered to."
To address the problem of policy enforcement, J2 offers its customers a range of internal security management systems that focus on policy enforcement by tracking, monitoring and controlling all user activity on a computer network as well as monitoring compliance to policy on primary servers including IBMi, AIX and Linux.
"Knowing who is touching your most sensitive data, and what they are doing with it, is the first step towards maintaining control," Mc Loughlin concludes. "Having a view into what data is being moved or any abuse of resources or stealing data via USB storage devices can be dealt with effectively."
Share