Security

Security: It might not be the outside world that's the largest threat to businesses

A new report reveals that one in three businesses experienced an insider attack in the past year. More devices with more access are putting sensitive info in the hands of everyone: Spies included.

spy.jpg
Image: iStock/LucasSG83

When IT professionals think of threats to their organizations the focus is usually put on the outside: hackers and malware are the main problem—right?

A new report from cloud security company Bitglass suggests something entirely different: the biggest threats are coming from inside organizations. In fact, one out of every three companies experienced a breach due to internal security failures in the past year.

Before you start seeing corporate espionage, moles, and spies everywhere it's worth investigating the report: it's not all as malicious as you think.

It's coming from inside the building!

Nearly three-quarters of tech professionals surveyed are worried about insider attacks, and nearly the same amount say it's not a problem of malicious intent—it's all about carelessness.

BYOD, mobile devices, cloud computing, and remote work policies are changing the face of business faster than IT departments can keep up. Every single machine that leaves the office with access to internal files or drives is a potential spy, and 62 percent of IT professionals feel that employees lack adequate training to understand that risk.

SEE: Information security policy (Tech Pro Research)

Unsurprisingly, the report found that 56 percent of those surveyed thought that insider attacks had increased in the past year. That makes sense considering the rise of BYOD and cloud computing: whether accidental or malicious it's easier to leak data when you can access it from anywhere at any time.

Why insider threats are getting worse

The long standing focus on external security has left internal systems a bit neutered, at least according to 66 percent of respondents: they feel less prepared to deal with an insider attack than one from the internet.

When asked why they thought existing security policies were ineffective a majority of those surveyed agreed: privileged users were the biggest threat. This could include super users, those who weren't properly removed from the system on termination, staff who have changed departments, or anyone else with appropriate—or inappropriate—access. In short, if someone can access important data they're a greater risk.

User analytics are a valuable tool in fighting internal attacks, but there's one big problem: while 56 percent of companies are gathering user data only 15 percent are performing behavior analysis, which is where anomalous behavior is going to be detected.

How you can keep the spies at bay

The report found that most IT pros are focusing on three areas: the writing and enforcement of security policy, identity and access management, and encryption. Users need to know what they should and shouldn't do, everyone's access needs to be tightly controlled and tracked, and every piece of hardware that accesses the network needs to be properly secured and encrypted.

SEE: Malware downloaded every 81 seconds, says new Check Point security report (TechRepublic)

IT departments with a large enough budget should consider investing in user behavior anomaly detection, or at the very least investigating how useful it may be to their organization. Stopping an internal leak can only be done if it's identified quickly—every second counts.

Let's face it: BYOD and the cloud aren't going away. We're inching toward a new era in tech where more and more sensitive information is going to be floating in the digital ether, and that means more challenges for data security professionals. Proactive, preventive solutions are the only way to stay ahead of the game.

The 3 big takeaways for TechRepublic readers

  1. One in three businesses experienced an internal attack in the past year, and 74 percent of respondents feel vulnerable to insider threats.
  2. Nearly three-quarters of respondents believe inadvertent leaks are the primary concern. Lack of understanding security, unsecured WiFi, and stolen devices are where the real threats are.
  3. 60 percent of IT professionals think privileged users are the biggest threat. Counter that with proper training, access management, and device encryption.

Also see

About Brandon Vigliarolo

Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.

Editor's Picks

Free Newsletters, In your Inbox