Let’s take a look at the impact your department can have on protecting against the new angles of threat that come with our new way of working. HR, IT and legal each have unique ways they can contribute to protecting their company against insider threat, and don’t worry — most of these build on things you’re already doing.
Interweaving HR and Data Security
HR is hugely important to data security in the new era of work. Your position at the frontlines gives you an essential role in protecting collaboration and you have the power to significantly mitigate internal threats. Even though insider threats stem from your employees, it’s important to not let a few bad apples spoil the bunch. The last thing you want is a witch-hunt atmosphere. This is about preserving the good in your company, not just about nabbing shifty-eyed Jim from the elevator.
We know you’re busy. Thankfully, helping out doesn’t require clearing your schedule. Here are a few quick, effective, security-oriented tweaks that can go a long way in securing your company’s work.
- Ensure proper screenings for prospective employees.
Checking to see who you’re letting into your business has always been important – but now that your data is cloud-based and more easily accessible, the stakes have been raised.
- Be transparent in your data security measures when onboarding.
Ensure that your cyber security policy is both comprehensive and comprehensible to new hires. Review it in simple language and show that you understand it and prioritize it. Make it clear that workplace materials and property (laptops, etc) are subject to monitoring. This alone can act as a deterrent.
- Train and educate your staff about insider threats.
This can help foster an atmosphere of shared security. Plus, educating your employees about the potential for insider threat doesn’t need to be adversarial – it can be collectively empowering.
Illustrate it to them on a personal level. Take the nebulous concept of “security” and make it real.
“You’ve seen your friend Tim from Product Development work overtime every night for 2 months. You can help protect his novel source code from slipping out the door. Be aware of insider threat indicators like sudden isolation from other coworkers, sending or receiving unusually large attachments, or coworkers insisting on being the sole administrator of a system.”
52% of surveyed organizations believe that the critical factor enabling insider threat attacks is a lack of employee training and awareness (with lack of suitable technology being a close second). This is where you can step up and make a serious dent towards the mitigation process.
- Notify IT of employee status changes throughout all stages of the employee lifecycle.
Communication is key. The most effective way to keep data safe is to have all of your teams aligned.
Want to learn more? You know that turnover is costly, no surprise there – but there’s an even bigger issue beneath that. Check out our eBook on the real hidden cost of leavers and what you can do about it.
The IT Factor
IT and cyber security have an increasingly overlapping relationship. After all, data loss almost always happens in IT’s court. For someone looking to steal valuable data — where there’s volume, there’s opportunity. This is why cloud collaboration apps, databases and file servers are the most likely sources of value to be ransacked in an insider threat incident.
Even though the IT team and security team have always been close, the new paradigm requires them to get even closer. Theft of business-critical data or IP such as product designs, source code, trade secrets, etc. are becoming more and more common.
But less than half of IT professionals (45%) consider insider threat to be the main source of risk for data loss. There’s a hefty gap there. What’s more, IT is usually among the first to take blame in the case of data loss.
So, how to protect your crucial files in a sharing-heavy world? Standard practices like privilege management aren’t enough on their own, as highly-privileged users can be the most dangerous form of internal threat. On top of that, over-exercising privileges can block collaboration and stifle the open, fluid work environment we’re seeking to safeguard.
Here are a few things you can do to help ensure a collective, cohesive security environment for your company’s best digital assets.
- Evaluate your toolset.
First and foremost, make sure to focus on the fundamentals. If those security tools aren’t solid, then the rest will crumble in times of uncertainty. In addition, the latest and greatest security software won’t necessarily save your data from grabby hands inside your organization. Your security tech stack should include software specifically designed to protect from internal threats, with a focus on consolidated visibility (hey, that’s Code42).
- Review your departing employee process.
Ensure that all hardware is returned and the appropriate accesses are revoked. With the amount of cloud apps your organization is probably using, keeping track of logins can easily get messy. One illicit login could be the difference maker.
- Make your voice heard.
Talk it out with security and make sure you are on the same page. Is upper management aware of the potential threat? They should be.
Legal’s Unique Role In Data Security
For the legal team, an insider threat incident results in a swirling mix of issues, all of which require clear and deft navigation. We’re talking about dealing with privacy laws, compliance laws, IP laws, criminal law, employment law, and more.
Expect to be consulted on matters of proper disclosure in the event of an internal data breach. Things like: What does the timeline look like? Have we notified authorities within GDPR’s required 72-hour window? Through which channels will we be communicating to our shareholders and the public?
It’s safe to say legal has a vested interest in keeping the impact of insider threats to a minimum (that is to say, not imploding from the amount of work).
However, despite the potential for a legal minefield, the legal team is uniquely capable of protecting their company, investors and employees through policy-setting.
So, what can you do?
- Ensure you’re notified of the incident ASAP.
You’ll want to be asking the right questions immediately after an incident – as you’ll likely have a metric ton of questions aimed at you. You’ll need to know the facts and be able to determine what actions to take.
- Reach out to department heads.
It really does take a team. Talk with department heads to ensure you have a unified, comprehensive and up-to-date internal policy set to mitigate internal theft. Security, HR and IT could probably use your assistance when it comes to navigating documentation surrounding monitoring consent or user data.
- Ensure that new hires have no ambiguity when it comes to security policies.
No “I didn’t know”s. No holes of the loop variety.
The exciting new world of digital collaborative work needs a collaborative effort to protect it.
The ownership of data security no longer belongs to just the security department – it belongs to everybody. Every department head, every employee can help in safeguarding company data.
Yes, everyone’s already got a full plate, but it’s necessary to do more for data security because now, there’s more to protect. Most of these anti-insider threat measures are relatively easy to implement and practice. This new paradigm is absolutely worth it.
Code42 IncydrTM helps you implement a cyber security strategy that focuses on a consolidated, highly-detailed viewscape of your file activity. Become alerted to suspicious behavior as it happens and be prepared to take immediate action – your data depends on it.
Don’t wait for an important breach. Make sure your company is equipped to monitor, detect and respond to insider threat incidents ASAP.
