Safeguarding Information Resources from Insider Threats ~ Blog, PC Care 247 Tech Support Redefined

Tuesday, 28 February 2012

Safeguarding Information Resources from Insider Threats

Insider threats have been around for a long time and if one were to trace them back to the earlier civilization’s, it was in 1800s that the first batch of computers suffered an attack at the hand of malicious insiders. Invented by Joseph-Marie Jacquard of France, it was essentially an automatic loom that ended up boring the brunt of an attack launched by malicious elements.

Two insider variables working against you
There are two insider variables which seem to be working against an employee big time:
·         Firstly, Trust &
·         Secondly, Legitimate Access  

Computer Help
The first instance allows malicious insiders to conduct espionage, steal sensitive data, and sabotage assets quickly, easily and with a greater degree of stealth than an external attacker. Careless and negligent insiders pose a similar threat, even if their intentions wouldn’t be considered to be nefarious. Something one could end up carrying out accidently or with purpose; leading to ramifications fraught with adverse consequences. And additionally from there on an investigation into the insider activity would enable one to ascertain whether the same act was carried out with a malicious intent.

Best Practices Considerations
·         Monitoring every user’s interaction with information
·    Ensuring high-end accountability irrespective of an endpoint gadget in question i.e. it does not matter whether a device in question is a laptop, desktop, tablet, or a smart phone
·   Protecting clients from careless activity related to accidental sharing, posting, and   uploading of information as well as any activity related to lost or stolen laptops and USB thumb drives
·         Employing varying controls across all information states—at rest, in motion, and in use
·         Aggregating controls across endpoint, network, and data for holistic visibility
·       Centralizing security control management for rapid incident identification, analysis, and response

While at the end of the day, human analysis would be essential to protect information from insiders, it is impossible to know if individuals responsible are indeed supported with the right type of security controls. And in such a scenario no black box can be plugged into a network that will mitigate all careless and malicious insider activity. However, then again there are sets of controls which when leveraged collectively could provide strong incident detection, protection and response capabilities across all endpoints, networks, data as and when the requirement be.

No comments:

Post a Comment Copyright © 2012-2013 by PCCare247 Solutions (P) Ltd.