Is your data safe with your employees? Maybe not.
Though your company’s sensitive data is closely guarded, locked away behind firewalls and password-protected portals, there’s another threat that should keep you up at night. That gnawing feeling is one shared by 39 percent of IT professionals worldwide: They’re more concerned with their own employees leaking data than any hacker.
But employees are just part of the problem. Hackers are still a real threat. Generally speaking, data leakage comes from one of three sources: employees accidentally releasing sensitive information; employees purposely leaking data; and external hackers and thieves stealing data. As a result, IT is playing defense on two fronts.
Let’s review who these people are in more detail, and learn how IT can protect sensitive data from inside leaks and outside attacks.
The Well-Meaning Insiders: Mishandling sensitive data can happen to any employee. Often, risky behavior is a result of employees being unaware of how their actions put data at risk. Imagine a member of the accounting team emailing the rest of the department invoices or statements that contain bank account or credit card numbers – that’s a risky move, but one that’s often thought of as harmless. Copying sensitive data to portable external hard drives or storing it in the cloud are common ways these Well-Meaning Insiders expose data to the outside world.
The Malicious Insider: One Forrester study found about 12 percent of breaches are intentional leaks. A Malicious Insider is a disgruntled employee retaliating against the company, willing to sell trade secrets or intellectual property to the highest bidder. A Malicious Insider can also work with hackers interested in stealing sensitive data. Just recently, hackers have offered Apple employees upwards of $20,000 for log-in credentials, in an attempt to steal the company’s data, corporate strategy, or user accounts.
The Malicious Outsider: This is an easy one – the Malicious Outsider is a hacker or any outsider that hopes to access your servers and profit off your sensitive data. Or maybe these hackers are more interested in embarrassing the company. Malicious Outsiders are often interested in personally identifiable information (or PII) that they can use to commit fraud.
What causes holes in your security dam
Because employees have easy access to sensitive data, they’re often in danger of leaking company secrets or personal information without realizing the risks. It often comes down to a lack of education – employees don’t grasp why uploading customer information (like credit card information) or PII (such as Social Security numbers) to the cloud or portable storage can lead to data risk. But the reality is thumb drives are often lost or misplaced, and files in the cloud can be accidentally shared with others.
Employees account for about 40 percent of all data breaches, and one in five IT professionals say Malicious Insiders pose the biggest internal threat. But that doesn’t mean businesses should downplay the risk of external threats, especially small businesses, which are often targeted because of weaker security controls.
Now, what can IT do about these threats from the Insiders and Malicious Outsiders? Some of the best roadblocks to data leakage are policies laid out in data loss prevention (DLP) services.
Protecting your systems, inside and out
If we think of DLP as the skeleton of IT security, its policies are the bones. A DLP solution will have policy rules that detect, classify, manage, and protect confidential and sensitive data, working in tandem with better employee education.
Generally speaking, a DLP policy can be structured to recognize credit card numbers; if an employee (Well-Meaning or Malicious) tries to send that data in an email, DLP will prevent that action, inform the user that action isn’t allowed, and create an incident report for IT. These policies should be customized for every organization.
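The credit card rule described above, sketched as an added example (not code from the original article or from any DLP product): it scans an outbound message, blocks it on a match, returns a notice for the user, and builds an incident record for IT. The function names, rule name, and sample messages are constructed for illustration, and the Luhn checksum is an assumed way of filtering out long numbers that are not card numbers.

```python
import re

# Candidate runs of 13-19 digits, optionally separated by single spaces or hyphens.
CARD_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_valid(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, sum, check mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def find_card_numbers(text: str) -> list:
    """Return digit strings that look like card numbers and pass the Luhn check."""
    hits = []
    for m in CARD_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            hits.append(digits)
    return hits

def evaluate_outbound_email(sender: str, recipients: list, body: str) -> dict:
    """Apply the rule: allow clean mail; otherwise block, notify, and report."""
    hits = find_card_numbers(body)
    if not hits:
        return {"action": "allow", "user_notice": None, "incident": None}
    incident = {
        "rule": "credit-card-in-email",  # hypothetical rule name
        "sender": sender,
        "recipients": list(recipients),
        "match_count": len(hits),
        # Keep only the last four digits so the report does not leak the data itself.
        "matches_masked": ["*" * (len(h) - 4) + h[-4:] for h in hits],
    }
    notice = "Message blocked: it appears to contain a payment card number."
    return {"action": "block", "user_notice": notice, "incident": incident}

# Constructed sample messages. 4111 1111 1111 1111 is a widely used test number;
# the 16-digit invoice reference fails the Luhn check and must not trigger the rule.
SAMPLE_RISKY = "Please charge card 4111 1111 1111 1111 for invoice ref 1234567890123456."
SAMPLE_CLEAN = "Invoice ref 1234567890123456 is attached; payment is due in 30 days."

if __name__ == "__main__":
    print(evaluate_outbound_email("ap@example.com", ["team@example.com"], SAMPLE_RISKY))
    print(evaluate_outbound_email("ap@example.com", ["team@example.com"], SAMPLE_CLEAN))
```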
DLP can also quarantine data in secure locations if it detects that an outside threat – a hacker – is attempting to access and copy the information. These systems, coupled with next-generation firewalls and better security controls, act as a full defense-in-depth approach to security.
Keep the good in and the bad out
IT security focuses on keeping intruders out and preventing sensitive data from escaping the walls, so educating employees is part of the solution.
DLP systems are predicted to be one of the fastest growing security segments through 2019. These systems can discover data on a server, and show IT who owns it and which employees can access it. Mapping out all of the sensitive data on the network allows IT to write thorough policies that actually protect that information.
These DLP policies, as well as better employee education, should help protect sensitive data not just from hackers and disgruntled employees, but from employees who can sometimes get careless. A well-designed IT security system with a DLP solution will prevent intruders from stealing PII while it protects trade secrets, company data, and other IP.