To better protect against breaches, organizations must establish best practices for securely exchanging privileged information. For instance, employees must avoid bad habits (such as sending sensitive or highly confidential information via e-mail or writing down privileged passwords on sticky notes). IT managers must also ensure they educate employees about the need to create and set secure passwords for their computers instead of using sequential password combinations or their first names.
The lesson here is that the risk of internal data misuse and accidental leakage can be significantly mitigated by implementing effective policies and technologies. In doing so, organizations can better manage, control, and monitor the power they provide to their employees and systems and avoid the negative economic and reputational impacts caused by an insider data breach, regardless of whether it was done maliciously or by human error.
Five Steps to Preventing Insider Data Breaches
Five Steps to Preventing Insider Data Breaches
Mismanagement of processes involving privileged access, privileged data, or privileged users poses serious risks to organizations. Such mismanagement is also increasing enterprises’ vulnerability to internal threats that can be caused by simple human error or malicious deeds.
According to a Computing Technology Industry Association (CompTIA) survey, while most respondents still consider viruses and malware the top security threat, more than half (53 percent) attributed their data breaches to human error, presenting another dimension to the rising concern about insider threats. It should serve as a wake-up call to many organizations that inadvertent or malicious insider activity can create a security risk.
To significantly cut the risk of these insider breaches, enterprises must have appropriate systems and processes in place to avoid or reduce human errors caused by inadvertent data leakage, sharing of passwords, and other seemingly harmless actions.
Adam Bosnian, vice president of products and strategy at Cyber-Ark Software, offers the following best practices for organizations serious about preventing internal breaches, be they accidental or malicious, of any processes that involve privileged access, privileged data or privileged users.
More Slideshows:
14 Tips for a Successful IT Infrastructure Library (ITIL) Implementation Overcome resistance to the structure imposed by ITIL implementation.
Eight Steps to Organizational Effectiveness Discover what being an effective organization really means and how you go about creating one.
Smart Grid: A Closer Look at Potential and Obstacles Review key components of the smart grid and the obstacles facing this massive undertaking.
