Insider risks of remote work on the rise: How to protect your organization
This year has brought a complete change in the way many companies work.
Some organizations were ahead of the curve. They were already experienced with distributed teams and third-party contractors. Others, not so much.
These businesses have had to start almost from scratch, quickly shifting their on-premises IT operations to remote working via the cloud. Unfortunately, a key security concern that comes with the shift to global, distributed work is increased insider risk.
Sensational headlines lead people to believe that insiders act maliciously to steal corporate data. While that does happen, it’s rare. According to the Ponemon Institute, only 14% of insider incidents are malicious.
Oftentimes, an insider threat arises from an employee, third-party contractor, or vendor who makes a completely innocent mistake. Or they could be a victim of credential theft that leads to a compromised account.
Still, a distributed workforce – including third-party workers – does make managing insider risk more complicated. Here are two of the most common insider risks of remote work, and how you can protect your organization against them.
1. A surge in cloud-based tools
Remote work means teams must rely more on cloud-based tools to get their jobs done. These can include video conferencing, collaboration tools, file sharing services, email, messaging platforms, and more.
While the cloud is nothing new, the use of cloud services has surged since the beginning of the pandemic. For example, video conferencing apps alone saw 62 million downloads during a single week in March.
The rise in cloud-based tools presents organizations with different risks. The most glaring is that sensitive corporate data flows through these systems and can easily fall into the wrong hands (whether maliciously or accidentally). Once data is shared externally with third-party vendors and contractors, preventing data loss can become even more complex.
You don’t have to put your cloud-based systems on lockdown to prevent these risks. Restricting the use of these tools could even cause your employees to circumvent corporate IT rules or use unsanctioned “shadow IT” tools.
Instead, focus on gaining a better understanding of both user and data activity via a combination of monitoring and alerting. For example, a pattern of suspicious user activity on cloud services could mean a potential insider incident is in progress.
With this knowledge, your security team can investigate potential insider threat indicators and take necessary action.
2. A lack of cybersecurity awareness
One of the biggest insider risks of a remote workforce is a lack of cybersecurity awareness. According to Kaspersky, one-third of security incidents that affect cloud technology happened as a result of social engineering.
Many people lack basic knowledge of security best practices, such as using multi-factor authentication (MFA) and strong passwords to protect accounts. Per the Ponemon Institute, insider incidents from credential theft are by far the most costly for organizations, at an average of $871,000 per incident.
To prevent this from happening to your organization, take the time to make sure your remote employees, as well as third-party contractors and vendors, understand how to properly use corporate IT systems. Start by providing cybersecurity awareness training and easy-to-interpret security policies. Many of these training programs provide real-world knowledge, which your employees can apply to both their work and personal lives.
Preparing for long-term change
While transitioning to remote work may have been jarring for many companies, the security changes made today can have positive effects on your organization for years to come.
Protection against insider threats requires a mix of people, processes, and technology. Set up proper training, implement easy-to-understand security policies, and use tools that provide context around potential insider incidents.
The global, mobile workforce isn’t going away anytime soon. By modernizing your approach to mitigating insider risk, you’ll have one less thing to worry about.
About the author
Josh Epstein is the VP of Marketing for Proofpoint Insider Threat Management. He has 20+ years of experience in a range of marketing, strategy, and business development roles and has worked both for start-ups, including Kaminario and Reddo Mobility, as well as global technology companies like EMC, CA Technologies, Acme Packet, and Oracle. Additionally, Josh is an active advisor to several early-stage, Boston-area technology companies.