As we continue to watch the global fallout of the leaking of the NSA’s secret surveillance of everything from phone calls to Facebook, one of the more interesting and perhaps disturbing revelations was that the embarrassing leak of top secret U.S. spying operations came from a trusted insider.
What was perhaps even more disturbing was the fact that the alleged whistle-blower had largely unsupervised access to some of the biggest U.S. intelligence secrets, in spite of the fact that he was only on the job for a few years and actually started as a facilities security guard.
It’s a reminder that so many threats can come from places we don’t expect, and even trust the most, and that for many organizations their next big security breach could already be on their payroll. Just last week we talked about how the majority of recently reported data breaches, more than 60%, were traced to the actions of insiders. And while most of those incidents were probably as a result of mistakes or negligence, small businesses can never rule out the potential risk to their business if an insider becomes malicious.
Insider attacks can be devastating for small businesses. In one of the first big high-profile identity theft cases, a former employee at a small software company in New York caused more than $100 million in losses when he used his access privileges to download thousands of consumer credit reports and sell them to identity thieves.
He was apparently disgruntled after he was fired by the business owner, and still had access to so much sensitive information because his boss simply forgot to cancel his password.
If you want to minimize your exposure to risks like this, there are a number of simple steps you can take:
- Conduct background checks. It seems like a very simple idea but you’d be surprised at how few small businesses actually conduct thorough background checks. And background checks shouldn’t just be restricted to criminal records. Make sure you get as many employer references as possible and contact those employers.
- Control and monitor access to sensitive or confidential information. Employees should only have access to sensitive information or critical resources on a need-to-know, need-to-have basis. For example, determine exactly which employees should have access to your website, make sure they don’t share their access credentials and passwords with others, and keep track of who accesses your website and when.
- Have clear policies in place so employees know what they can and can’t do, and the consequences for ignoring those policies. A policy is a very important security and business document. Not only is in an easy way to remind employees of the security rules, once their signature is on the policy it’s much easier to punish violators.
- Focus on ongoing training. It’s important that all employees understand the security basics and how to spot vulnerabilities, so their mistakes don’t end up creating a security breach.
- Encourage all employees to be vigilant and to report any suspicious or prohibited activities, especially by co-workers or contractors. If they’re uncomfortable turning in a fellow employee, remind them that even a small security incident could be a job killer.
- As soon as an employee or contractor is no longer working for your business, or no longer needs access to networks, data or other sensitive assets, cancel their password and access privileges.
While eliminating the insider threat is an important step of cyber security. It is also important to put in place precautions to safe guard against potential infections they may spur. One great example of this is a website scanner that can monitor for and clean infections. T0 learn more about this type of solution visit SiteLock today or call 855.378.6200.