Who is the biggest IT security threat in your business

Here’s what you can do to minimise this threat.

(1) Employee vetting All staff must be thoroughly vetted for honesty. For sensitive positions, police criminal checks should be undertaken. You must also ensure that your third party contractors have similarly vetted their own staff.

(2) Training and education Have well-documented procedures that provides training for all staff. Educate them on the need for strong security and the implications of careless or bad password management. Awareness and training exercises should include education about scams such as phishing and key logger scams. Consider introducing a password management system and deploy validated encryption as part of your strategy. In highly sensitive situations you might consider the introduction of two-step authorisation.

(3) Introduce a strict password cancellation policy for ex-staff Ensure that proper procedures are in place so that all passwords are immediately cancelled for any employee leaving the company.

(4) Have a clear BYOD policy This should be a carefully written document that spells out exactly what employees can and can’t do with their devices. This will include such FAQ’s as: Can they download company documents, emails or business data Can they download personal applications onto company networks Implement systems to monitor mobile devices. This will reduce risks if a device is lost or stolen. Encryption and containerisation of data on devices can also form part of an overall solution.

(5) Introduce a “no tinkering” policy No unauthorised tinkering with the company’s systems should be allowed and specifically no devices, USBs etc. should be connected without first being checked by your IT security team.

(6) Insist that all third party contractors have acceptable security procedures All service providers must implement “best practice” as far as password security is concerned. Monitor the contractor’s security procedures and immediately cancel all access passwords as soon as a provider has ceased working for you.

(7) Monitor and report Violations of the policies can be monitored and actions taken to identify and stop real damage from occurring. While tools and techniques can be quite complex, to manage out the numerous false-positives (security events that are benign) much can be done by simply monitoring for internal threat scenarios that could be most damaging to your business. Ensure that a well-defined incident management procedure is in place to back up the management of a security violation and that there is a disciplinary procedure in place to deal with employees and contractors who would compromise the security of your organisation.

Once youve addressed the insider threats within your organisation, you can turn your attention to external cyber threats.

David Lello is director of professional services, Burning Tree.

Meanwhile,Matthew Ravden,VP of Balabit, looks at who takes accountability for the insider risk.

Share this story

Send this to a friend