When IT experts discuss threats to the security of a business or organization, often the first image one thinks about is a threat from outside the company. A person or organization hacking their way in to steal vital and sensitive data is the most common image conjured up. Unfortunately, that is only one form of cyber security threat. Internal security threats are just as critical and often more likely. Internal security threats are among some of the most serious technology threats for small and medium-sized businesses. In fact, a CoxBlue study shows that 48% of all data breaches are because of internal threats such as negligent employees, employee sabotage, accidental loss of data, or weakened security measures or practices.
What Is An Internal Threat?
Internal threats to your organization’s computer systems and sensitive data can take several different forms. For instance, employees carry and work with sensitive data all the time. From taking a laptop home to finish up a project without proper security software, to leaving a desktop unattended for an extended amount of time, employees can unwittingly become a vulnerability in a plot to weaken the security of an organization. Sadly, sometimes employees are intentionally a malicious threat and have plans to sabotage or steal data from the business. Internal threats can include:
Not following company protocol regarding passwords, or leaving data open on an unattended monitor.
Theft of data or physical equipment.
Accidental loss or disclosure of data.
Not following access control measures, or ignoring best practices for cybersecurity.
Improper staff training to recognize red flags.
While innocent mistakes are always a possibility, following proper procedures and security protocols can help mitigate some of these accidental internal threats. However, the more malicious, planned threats are another thing entirely.
Each business has its own set of needs and requirements when it comes to reducing internal threats, usually in the form of an information security plan. As in some of these plans, here are some common ways to reduce the amount and scope of threats.
Establish ongoing and regularly updated physical security measures for all infrastructure. This should include server rooms, workstations, routers, and access panels, no matter how insignificant a piece of infrastructure might seem.
Create a series of specific access control procedures that only allows certain employees to access certain data.
Establish desktop management policies.
Employ intrusion detection systems (IDSs).
Audit systems regularly.
Ensure that traveling laptops or BYOD equipment have the proper data protection software.
Have critical data points such as servers physically locked.
Change locks or passcodes as well as client passwords to any shared accounts immediately when employees leave, most especially if the departure was an unfriendly one.
Avoid discussing or exchanging password info over unsecured channels.
Train employees to be on the lookout and to “see something, say something” in regard to internal and external threats.
Employ the use of surveillance equipment if you fear an employee may be accessing data, not within their purview.