The Devil You Know: Stopping Insider Threats

Posted on Mar 30th, 2015

Most of what you hear in the news highlights the latest attacks coming from external forces such as those at Sony, Target, and eBay. But what about the rogue insider who intentionally inflicts damage or the employee who unknowingly unlocks the keys to the kingdom?  

The traditional approach to safeguarding the network was to build a secure perimeter, and then monitor and defend that perimeter using robust technological tools. As events like the Edward Snowden/NSA affair indicate, this approach has one major flaw: It does not account for the Insider Threat. Even as organizations have increased awareness of the Insider Threat they still struggle with how to keep the network and sensitive assets safe.

There are Internal Threat deterrents to prevent "the devil you know" from undermining the mission of your organization, but the Internal Threat can take many guises. Before implementing a protective strategy, it's important to understand what you are dealing with. These include:

  • Data leakage via USB

Research from Ponemon Institute indicates that as much as 60 percent of employees that leave the organization (voluntarily or otherwise) take enterprise data when they go. What makes it easier to do this than a USB? Employees can connect, swipe, and go, quickly, without detection.

  • Accidental malware injection

When staff open corrupt files or connect a personal USB to their computer, they risk exposing the network to malware.

  • Hijacked local admin group

Users admitted to the local admin group have high-level privileges and often fly under the radar. These are shared accounts and make for a perfect place for rogue staff members to steal data.

  • Hijacked domain admin group

While checks and balances exist to audit this group, too many sysadmins do not even check audit logs. This paves the way for undetected data loss.

  • Unauthorized app installation/usage

Users can bring in malware and spyware accidentally when they install their own apps. Is there a policy to monitor what apps are allowed and detect which apps have been downloaded by whom?

  • Unauthorized data deletion 

Either on purpose or by accident, sole copies of enterprise assets could be deleted from the system. Scheduled backups provide some level of mitigation for data deletion; without this, organizations stand to lose significantly.

  • Unauthorized email account usage

It's natural for staff to leave their computer on and remain logged into email all day. Unfortunately, rogue staff could take advantage of this to steal corporate data.

Protecting Your Organization From Internal Threats

A transparent internal firewall (INFW), like that from industry leader Fortinet, brings at-a-glance transparency to the network. Staff can enforce enterprise security policies and have first alert of any threats or suspicious activity without having to modify network setup or spend time configuring permissions.

When adding security resources, it is important to work with a systems integrator like TVAR, who understands the unique needs of Federal and Government Agency IT departments and who has expertise working with best in class technologies, including Fortinet. TVAR Solutions is your partner for simple yet effective federal IT solutions.

 
 

View more news and events

Let's Talk Today

Latest Happenings

Upcoming Events:
12/11-12/13 - Law Enforcement - Homeland Security Forum and Technology Exposition
1/10 - GSA, NTSB, HUD, DHS, FAA, DOE at L'Enfant Plaza
We're loving our new Denver office space! November 1, 2018
Here's to another great season, Capitals!
First team lunch in our new digs! We're now in Suite 240!
TVAR Solutions Named to CRN’s 2018 Solution Provider 500 List Read More
We're excited to welcome a new Civilian Rep, Adam Strisik to the team!
Happy to report 100% participation in our latest charitable giving campaign with GiveStream! We love being able to choose charities that we are passionate about! Find more info here!
We'd like to welcome two new members to the team!! Hunter MacBain, who is covering Air Force and Rosa Morales, who is our new Marketing Associate & Office Manager. Happy to have you both!
Gonzo was definitely Mr. Popular today at the TVAR office!
We have 2 new TVARian's! We'd like to welcome Natalie Lane, our new Accounting & HR Manager and Aaron Bradd who will be covering Department of Justice. Thrilled to have you both here with us.
At Super Computer 2017, our Account Manager Chris Clifton discussed TVAR Solutions' differentiators as well as our strong partnership with Panasas. Watch here! https://www.youtube.com/watch?v=VP657NG_Fj8&feature=youtu.be
Panasas Names TVAR Solutions 2016 Partner of the Year! February 28, 2017 Read more here.
We're very pleased to welcome Chris Norton, Lucas Arroyo, Sam O'Daniel, and Cris Musselwhite to the TVAR Team!
Nikki takes our Monday morning forecast meetings very seriously! November 21, 2016
We'd like to welcome our new Customer Support Rep, David Mendes to the team as well as a new Special Programs Rep Jim Rice! We're excited to have you both.
We loved giving back with Hewlett Packard Enterprise last week at their USO-Metro: Pack for the Troops Event!
"I chose the Pancreatic Cancer Action Network because we lost my grandfather in 2007 to pancreatic cancer. They hold wonderful fundraising events that my family participates in periodically and they're very passionate about helping those that are affected as well as raising funds for research. I love that TVAR has given us the opportunity to hand select charities we are passionate about." - Lauren Baird
We're happy to announce our new corporate giving campaign through Innovative Corporate Charitable Solutions! EVERY employee gets to choose a charity where a portion of TVAR's funds will go to! A message from our President, Dave Saunders: click here.
TVAR Solutions Named to CRN’s 2016 Solution Provider 500 List! Read More Here.
"Welcome to TVAR Solutions, can I help you?" - Nikki, one of our favorite TVAR dogs #TGIF
We start them early at TVAR...James learning how to forecast!