It’s been well established that the biggest security threat in any facility has nothing to do with external hackers or cyber-threats. Simple negligence causes the vast majority of data breaches, and is very often the cause of data center downtime as well. Luckily, such negligence is pretty easy to deal with.
Implement a training program to help employees better understand what they’re doing. For any staff who prove resistant or impervious to learning, there’s the door. Simple, right?
What if, instead of acting out of negligence, an employee is acting out of malice?
That’s more common than you might think. In 2007, a disgruntled staffer working at a data center in Folsom, Sacramento intentionally pressed the emergency power off button, cutting his employer off from the market for more than two hours. In 2013, an IT professional at Citibank managed to destroy connectivity to 90% of the company’s networks across North America.
In both cases, the bad egg was quickly weeded out and prosecuted. And that’s what will happen in the majority of situations – it’s not that hard to track down a malicious employee. What’s difficult is doing so before they cause any damage.
The IS Decisions Blog recommends adopting an insider threat program consisting of the following measures:
- Employee education with a focus on engagement is likely what you’re already doing. Making employees more knowledgeable about security reduces the risk that someone will inadvertently cause harm to your systems, but this education does little to protect against disgruntlement.
- Use monitoring and management technology to keep track of suspicious activity and lock down access in the event that something unexpected or unusual occurs.
- Stay up to date on emerging security threats and the technology in use in your organization.
- Generate user alerts that notify a user – and you – when they’re engaging in suspicious behavior. This serves two purposes: first, it ensures that users will better learn what they should and should not do. Second, it lets you keep an eye on anyone who might be a problem employee.
- Educate senior management, and focus especially on C-level commitment and buy-in.
- Implement access controls that apply to both employees and partners. Take special care to remove access from ex-employees and former partners immediately upon termination of your working relationship.
- Take a multi-layered approach to security, with multiple levels of authentication.
- Last but certainly not least, be transparent about what you’re doing to protect your data. Communicate your approach clearly and thoroughly to employees, partners, and customers.
Internal actors can be one of the most difficult threats to defend against. At the same time, they can also cause the most damage if left uncontrolled. You need to do everything you can to ensure malicious employees aren’t given the means or the power to damage your business operations.