Ten Ways to Protect Your Network From Insider Threats
Insiders -- the people who already have access to your network -- can do a lot more damage than a hacker who's still outside the firewall. Learn ways to minimize your risk from the insider threat.
Here are ten things you can do to protect your network from the insider threat:
1. Screen potential new employees before you hire them
According to CERT, over 30 percent of insider attacks are carried out by people who have criminal records at the time that they are hired. Basic checks can help you identify prospective employees with a history of fraud or theft, while in certain industries it may also pay to have a third party carry out more specialist background checks to try to identify industrial spies or agents from foreign governments.
2. Look out for changes in employee behavior
3. Publicize you security policies
Well meaning employees who take data home to work on a laptop and then lose it, or who write their passwords down on Post-IT notes where colleagues can see them, also pose an insider threat -- albeit without malicious intent. The best defense against these threats is to remind people continually of your security policies and the reasons why these policies exist. It may also be appropriate to remind employees of the consequences to them of failing to adhere to security policies or any other negligent behavior.
4. Carry out exit interviews
68 percent of insider attacks are carried out by former staff within three weeks of leaving, according to CERT. An exit interview is an opportunity for you to remind staff leaving your organization of the consequences of any illegal actions. Some organization present employees with printouts of recent emails or Web sites that they have visited to reinforce the message that their actions have been monitored. "If a staff member gets fired, he may go and have a beer, and start thinking about revenge. If you talk to him about the security precautions you have in place, and mention the consequences of revenge attacks including prosecution, this may go a long way to preventing such action," says Davis.
5. Implement end point data leak protection
59 percent of staff that lose their jobs take confidential corporate information with them on a DVD or USB drive, according to the Ponemon Institute. End point security systems aim to restrict what portable storage devices can be used, and by whom, and to monitor what information is copied. Such systems can be useful in making it harder to copy information maliciously without being detected, but can't prevent a trusted insider with authority to copy data from doing so maliciously.