An inside job: is your network safe from your employees?

A recent study by Intel Security showed that internal ‘actors’ – employees, contractors and third-party suppliers – were responsible for 43% of data loss incidents. Whilst half of this figure was down to accidental loss, the other half was classified as intentional, highlighting the importance for businesses to have robust security measures in place to counteract the effects of both external and internal threats.

Only recently, accounting software firm Sage confirmed that they had suffered a data breach as a result of unauthorised access to customer data using an internal log-in. Sage is currently working with the City of London police and the Information Commissioner’s Office to understand the scope of the incident, which may have compromised the personal details of employees across 280 UK companies.

According to Intel’s report, internal actors responsible for data exfiltration (whether their behaviour was accidental or intentional) were more likely to use physical media rather than electronic methods and most often the target of their theft was employee information. The most common format of data stolen by internal actors is Microsoft Office documents (39%) and the preferred physical media to assist the theft is USB drives (15%), followed by laptops/tablets (11%). The top three electronic methods used by internal thieves to steal data are web protocols (15%), file transfer protocols (11%) and email (10%).

The high number of incidents caused by internal actors is a sign that businesses of all sizes need to place as much focus on identifying and preventing internal security threats as they do on external threats. As half of data breaches caused by internal actors are accidental, the study concludes that businesses should consider using simple dynamic feedback like pop up messages that inform employees when their email has been flagged for the sensitivity of its content. Providing employees with regular training on security matters like effective password usage could also help to prevent accidental data breaches.

But what about the intentional inside jobs? How do you manage and prevent them? In the research, Data Loss Prevention (DLP) software is identified as one of the top two tools for catching insider data thefts, with 64% of security professionals agreeing that DLP technology could have prevented their data exfiltration events. As well as classic perimeter and endpoint security measures, technologies like encryption, data loss prevention and cloud applications could help to reduce the risk posed specifically by physical media theft.

Another more long-term strategy to bolster your security capabilities is to retain your business’ security professionals. Amongst the individuals surveyed, those who had long-standing security professionals embedded in their business were more likely to have a more robust set of security defences and a more confident, practical knowledge of how to prevent security attacks.
This is something Len Carter, Information Security Specialist, Networkers, wholeheartedly agrees with:

“Working within specialist IT recruitment, I know the importance of finding the right talent for your business and I also appreciate the value of retaining experts within your business.”

“Effective recruitment is not only about finding people with the right skills and knowledge but also finding people who are suited to your business, as they are more likely to be a long-term fit.”

“Once you’ve made a hire, you should turn your attention to employee retention to ensure you get the most out of your investment. Regularly checking in with your IT security employees to check they are satisfied in their job and feel supported with training and development could allow you to address any issues early and retain your valuable members of staff, thus improving the security capabilities of your business.”

Of course, both internal and external security threats will always be a risk to businesses as long as data remains a valuable commodity. In this digital age businesses need to ensure they have appropriate measures in place to combat every stage of the security risk cycle, from prevention and detection to recovery. In addition, efforts should not be solely focused on preventing threats from entering the network but also to protect data from exfiltration.

Recommended articles

Top in News & insights

Back to top