Insider Threats - Vodanile

Insider Threats

Are we protecting ourselves against insider threats?

Are we protecting ourselves against insider threats?

Insider threats are commonly thought of as one of the most difficult threats to defend against. With the growing use of contractors, freelancers, and temporary employees throughout an enterprise, defending against potential internal threats seems next to impossible. In 2013, the FBI estimated malicious insider threat attacks cost approximately $412,000 per incident.1

Although there is no single solution for defending against insider threats, experts recommend a multi-pronged approach that involves action from several members of leadership. Talent acquisition should focus on strong background checks on all employees and contractors, and human relations can help catch red flags stemming from irregular employee behaviour (such as missed work or bragging about potential damage they could do).2 CFOs and CTOs can discuss the possibility of implementing security behavioural monitoring tools to identify instances when any employees access files they have no relation to, files or information is saved to an external location, or employee logins happen at irregular times.

Fortunately, if suspicion of internal threats does arise, solutions like Microsoft Data Loss Prevention (DLP) rolled into OneDrive for Business, SharePoint Online, Exchange, and Office 2016, will enable your IT administrators to protect against data loss without stretching their compliance budgets.

 Click here for Office 365 Enterprise E3 Trial

This trial invitation includes:

- 25 user licenses Office 365 Enterprise E3 Trial 

Exchange OnlineOutlookWordExcelPowerPointOneNoteAccessOneDrive for BusinessSkype for Business

 

All the features of ProPlus and E1 plus compliance tools, information protection, and voicemail integration

  • Exchange Online, Outlook, Word, Excel, PowerPoint, OneNote. Access, OneDrive for Business, Skype for Business
  • Unlimited email storage for in-place archive
  • Advanced email with archiving and legal hold
  • Unified eDiscovery center
  • Rights management, data loss prevention, and encryption
  • Hosted voicemail support

Administrators will receive notifications if confidential information is being exchanged, and they have the opportunity to recall data and access from certain employees. Additionally, with DLP, administrators can review incident data and generate incident reports to see exactly where information may have been leaked.

1 Fred Donovan, FierceITSecurity: Is the person sitting next to you a malicious insider?

2 George Silowash, Software Engineering Institute: Common Sense Guide to Mitigating Insider Threats: 4th Edition