Blog
  • Register

Subscribe to our blog

CTN Blog

Are Your Biggest Threats Coming From Inside Your Company?

Are Your Biggest Threats Coming From Inside Your Company?

Most businesses that lean on their IT go to great lengths and expense to keep those systems secure. Sometimes, however, all those firewalls and antivirus software don’t stop threats that come in from your staff. Today, we are going to go through the three different types of human error that your staff can undertake, and how to deal with each.

Accidental

The most benign of the insider threats is the accidental mistake which typically happens when data is in transit. Circumstances often lead to situations that are less than ideal. Typically, these types of mistakes are made when an employee isn’t properly trained. If you have security policies in place, but an employee hasn’t been made privy to them, or at the very least they aren’t given the knowledge on how to stay compliant of them, then there is a disconnect that can often lead to problems. 

Negligent

Unfortunately, most insider threats are of this nature. These are threats that are brought on directly from user error because of a lack of diligence. When data is lost in a database, when malware is downloaded on the network, or when mobile hardware is lost, your company is dealing with user negligence. Most negligence is not premeditated, but due to its avoidable nature, it is looked on much less favorably as compared to accidental mistakes. 

Malicious

An insider could act in a way that is intentionally malicious towards an organization. This can come in several forms. A user that has access to company computing resources can deliberately steal data, inject malware, and bypass security policies enacted by the IT administrator. Then there is the mole, who is a person that is actually an outsider, but is provided access to company computing resources, and uses his/her position to pass information onto competitors, steals it with the intention of selling it off, or using it nefariously later. 

How to Spot Insider Threats

The nature of the beast here makes spotting insider threats difficult, but there are some indicators that can help you identify if you have a bad actor in your midst. 

  • Type of activity for users - If a user has access to certain resources, but their job doesn’t typically require them to use those resources, especially ones that are filled with sensitive information, then you wouldn’t be misguided to further monitor that employee’s behavior on your computing network. 
  • The volume of traffic - If you can’t account for a sudden uptick in network traffic, then you may want to investigate. 
  • Times of activity - If you see spikes in traffic at strange times, then you’ll need to ascertain why.

How to Protect Against Insider Threats

You can take some pretty straightforward steps to combat any insider threats. They include:

  • Increase visibility - You will want to put systems in place to keep track of employee actions. You can do this best by correlating information from multiple sources. 
  • Enforce policies - Having your policies documented and easily accessible will avoid any misunderstanding of your business expectations on how employees interact with its technology resources. 
  • Comprehensive training - IT isn’t everyone’s cup of tea. To avoid accidental mistakes and to help reduce negligence, consider putting together strong training initiatives. They will go a long way toward helping staff understand what is expected and what is possible.
  • Access control - Of course, if you set up permissions for every part of your business, you can effectively set who can see what, making sabotage and negligence less likely to hurt your business. 

If you would like help identifying how to protect your business network and data from threats, even the ones that come from inside your business, call the IT professionals at CTN today at (610) 828-5500.

A Brief Introduction to Database Management System...
How Remote Monitoring and Maintenance Helps Us, He...

Mobile? Grab this Article!

QR Code

Latest News & Events

CTN Solutions welcomes John Kessler as vCIO/Senior Technology Consultant and the newest member of our leadership team. John contributes over 20 years of IT experience, serving as a technical leader and network expert within market rese...

Latest Blog

Once a mobile device outlives its presumed usefulness, the default assumption is that there is nothing left to do but dispose of it. However, before you do so, reconsider. There may be other ways that your device could show its utility. For...

Contact Us

Learn more about what CTN can do for your business.

Call us today
(610) 828-5500

610 Sentry Parkway
Suite 110
Blue Bell, Pennsylvania 19422