MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious

Effective Strategies Against Employee IT Sabotage In Your Company

Published on 28 May 14
387
0
0
Effective Strategies Against Employee IT Sabotage In Your Company - Image 1

Employee IT sabotage is essentially an insider threat in which employees (former and current) misuse or exceed the authorized level of access to data, PCs, or networks with the intention of harming the organization, and daily business operations.

Don't think this could effect you? The State of Data Security and Privacy report reveals insider threats are emerging as the main cause of data breaches. It goes on to show that research results indicate around 36 percent of breaches stem from employee misuse of data.


25 percent of the survey respondents, including SMB and enterprise companies with two or more personnel, said that malicious insider abuse is the most common reason for the occurrence of a breach. Going further, the rouge employees arenât committing the deed by themselves alone; theyâre increasingly cooperating with cyber criminals to carry out negative operations.


The nature of sabotage is also becoming sophisticated; evolving from simple copying and deleting a database to injecting advanced malware to collect sensitive information about a company. The aim behind these sabotages is shifting from financial theft to collection of intellectual property. Specifically, insider threats now attempt to steal both financial credentials and sensitive corporate data.


It is clear that this is a big deal.


Security strategies for overcoming employee sabotage

As insider threats are increasing and constantly evolving, companies need to start factoring these threats into their security practices. The following strategies can help prevent and mitigate IT sabotage within your company:


Define and verify privileges


Scrutinize the level of access employee have to company data, and objectively evaluate whether the level of permissions is appropriate or otherwise. Also, you would want to ensure the list of people who have access to sensitive company data is the shortest list possible.


While it is good to trust your employees, monitor what they are doing â from account permissions to application workflow, and so on. Monitor all such activity and have controls in place for detecting and escalating exceptions. Establishing baselines for user behavior, human access to data, and application access could also work well as it will let you detect unusual happenings.


Have recovery in place


Though monitoring employee privileges and activity can pick up risky intentions pertaining to your companyâs IT infrastructure, raising alerts for example when employees use vulnerability assessment tools or software in suspicious ways, it is always good to have recovery measures in place as it take times between detecting and stopping security adversaries.


Implementing a disaster recovery solution would ensure your business operates with minimum interruption. The goal is to setup a plan where you can continue operations in case of unexpected events like employee sabotage. Businesses using the cloud can also take advantage of data recovery for mission-critical applications and data without any additional hardware investment.


Clear change procedures


There should be clear change procedures for your system and access passwords so no employee can access the data or make changes after leaving the company. If they do need access, they can be granted compartmentalized access which can be overseen by trusted IT security members in your organization.


This protocol will be effective in ensuring the work of ex-employees is kept separate from the productive environment. It could indeed slow down some processes, but is an effective way to keep control over system security. Donât just assume that your current employees can be the only cause of a sabotage event.













Effective Strategies Against Employee IT Sabotage In Your Company - Image 1

Employee IT sabotage is essentially an insider threat in which employees (former and current) misuse or exceed the authorized level of access to data, PCs, or networks with the intention of harming the organization, and daily business operations.

Don't think this could effect you? The State of Data Security and Privacy report reveals insider threats are emerging as the main cause of data breaches. It goes on to show that research results indicate around 36 percent of breaches stem from employee misuse of data.

25 percent of the survey respondents, including SMB and enterprise companies with two or more personnel, said that malicious insider abuse is the most common reason for the occurrence of a breach. Going further, the rouge employees arenât committing the deed by themselves alone; theyâre increasingly cooperating with cyber criminals to carry out negative operations.

The nature of sabotage is also becoming sophisticated; evolving from simple copying and deleting a database to injecting advanced malware to collect sensitive information about a company. The aim behind these sabotages is shifting from financial theft to collection of intellectual property. Specifically, insider threats now attempt to steal both financial credentials and sensitive corporate data.

It is clear that this is a big deal.

Security strategies for overcoming employee sabotage

As insider threats are increasing and constantly evolving, companies need to start factoring these threats into their security practices. The following strategies can help prevent and mitigate IT sabotage within your company:

Define and verify privileges




Scrutinize the level of access employee have to company data, and objectively evaluate whether the level of permissions is appropriate or otherwise. Also, you would want to ensure the list of people who have access to sensitive company data is the shortest list possible.

While it is good to trust your employees, monitor what they are doing â from account permissions to application workflow, and so on. Monitor all such activity and have controls in place for detecting and escalating exceptions. Establishing baselines for user behavior, human access to data, and application access could also work well as it will let you detect unusual happenings.

Have recovery in place




Though monitoring employee privileges and activity can pick up risky intentions pertaining to your companyâs IT infrastructure, raising alerts for example when employees use vulnerability assessment tools or software in suspicious ways, it is always good to have recovery measures in place as it take times between detecting and stopping security adversaries.

Implementing a disaster recovery solution would ensure your business operates with minimum interruption. The goal is to setup a plan where you can continue operations in case of unexpected events like employee sabotage. Businesses using the cloud can also take advantage of data recovery for mission-critical applications and data without any additional hardware investment.

Clear change procedures




There should be clear change procedures for your system and access passwords so no employee can access the data or make changes after leaving the company. If they do need access, they can be granted compartmentalized access which can be overseen by trusted IT security members in your organization.

This protocol will be effective in ensuring the work of ex-employees is kept separate from the productive environment. It could indeed slow down some processes, but is an effective way to keep control over system security. Donât just assume that your current employees can be the only cause of a sabotage event.

This blog is listed under Data & Information Management and IT Security & Architecture Community

Related Posts:
Post a Comment

Please notify me the replies via email.

Important:
  • We hope the conversations that take place on MyTechLogy.com will be constructive and thought-provoking.
  • To ensure the quality of the discussion, our moderators may review/edit the comments for clarity and relevance.
  • Comments that are promotional, mean-spirited, or off-topic may be deleted per the moderators' judgment.
You may also be interested in
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url

Back to Top