The danger’s lurking within: 5 tips to protect yourself against an inside job

By Philipp Giesbrecht on 12. July 2018


With ransomware, trojans and malware in the news, companies often think hackers are the biggest security risk. But it’s not always external attackers who exploit vulnerabilities in the company network. Your own staff may be able to use their extensive access permissions for data misuse – and without much effort. Organisations are rarely as well equipped with tools to prevent internal attacks as they are against attacks coming from outside.
Here are five tips to help you protect your company effectively against data losses caused by internal perpetrators.

1. Introduce differentiated access rights

To protect your sensitive data, grant staff in each department the access rights appropriate for their work. This applies the need-to-know principle: your employees don’t get access to documents and data sets unless they need them specifically for a task. You can use different security levels to set up what are known as “Chinese walls” within the company. These prevent data from being shared between departments and limit the extent of any data loss.

2. Use high-security two-factor authentication

To keep the risk as low as possible, add two-step authentication as a second protection measure. For example, users are asked to enter not only their password but also the security code from the Authenticator app on their smartphone. The code is only valid for a single session. So even if an internal perpetrator steals a password, they can’t get access to sensitive information and data.

3. Shield your information

Another way to protect your data is with shielding. System and service providers should never have access to your files and documents. And shielding also lets you limit the access rights of your administrators to the information relevant to their job.

4. Implement Information Rights Management

Information Rights Management (IRM) technologies enable you to monitor sensitive documents and protect them against unauthorised downloading. IRM gives you effective control over documents, even when users are authorised to access them. In addition, dynamically embedded watermarks prevent screenshots. That way, your data stays in its protected environment and can’t fall into the wrong hands or be accessed by unauthorised users.

5. Use a tamper-proof history log

It’s a good idea to log all activities in a tamper-proof history to prevent data theft by insiders – or uncover who did what after a theft. That gives you end-to-end visibility and traceability in your information flows.
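One way to make such a history log tamper-evident, as an added example that is not from the original article or any product it describes: each entry carries an HMAC over its content and the previous entry's MAC, so editing or deleting an entry breaks the chain. The key, field names and sample events are constructed, and the key is assumed to be held outside the reach of the users being logged.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption): in practice it is kept away from the admins being logged.
KEY = b"demo-key-constructed-for-this-example"
GENESIS = "0" * 64  # chain anchor for the first entry


def _mac(prev, seq, event):
    # Bind each entry to its position and to the MAC of the entry before it.
    body = json.dumps({"prev": prev, "seq": seq, "event": event}, sort_keys=True)
    return hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()


def append(log, user, action, doc):
    prev = log[-1]["mac"] if log else GENESIS
    event = {"user": user, "action": action, "doc": doc}
    log.append({"seq": len(log), "event": event, "mac": _mac(prev, len(log), event)})


def verify(log, expected_head=None):
    """Return None if intact, else the index of the first bad entry (len(log) if truncated)."""
    prev = GENESIS
    for i, entry in enumerate(log):
        ok = entry["seq"] == i and hmac.compare_digest(entry["mac"], _mac(prev, i, entry["event"]))
        if not ok:
            return i
        prev = entry["mac"]
    # Dropping entries from the end leaves a valid chain; only a head MAC stored elsewhere reveals it.
    if expected_head is not None and prev != expected_head:
        return len(log)
    return None


def build_sample():
    # Constructed sample events, not real log data.
    log = []
    append(log, "alice", "view", "contract.pdf")
    append(log, "bob", "download", "contract.pdf")
    append(log, "admin", "grant-access", "contract.pdf")
    return log


if __name__ == "__main__":
    log = build_sample()
    print("intact:", verify(log) is None)
```

The chain detects edits and removals inside the log; detecting truncation depends on recording the latest MAC somewhere the insider cannot change it.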
