Malicious insider threat is one of the highest risks a modern organisation can face. Such insiders can be users who are generally authorised and granted access to sensitive information and who plan to use that access in a malevolent manner.
However, the threat is not always a malicious employee: human error is blamed for the vast majority (93 per cent) of the data breaches in the financial services industry alone (ICO report), and it can have just as much of an impact as a malicious breach.
Growing Data Volumes
With growing data volumes, organisations struggle to know where all their sensitive information is, and they have inadequately defined and communicated policies for how that sensitive information should be handled. More importantly, they have inadequate controls in place to detect and prevent inappropriate transmittal or disclosure of sensitive information arising from insider threats.
The key to knowing when to apply enhanced levels of security controls is data classification. If you don’t know where your data resides, who has access to it and what can be done with it, it’s difficult to identify appropriate security controls both for the data and for the systems which store, process and transmit this information.
How can you ensure your employees are playing an active role in protecting your organisation’s most sensitive data?
All organisations should have detailed acceptable use policies for all employees and should make employees review and sign the policy annually. This is a basic step but one that organisations tend to overlook. Having a written data classification policy will not necessarily prevent insider attacks, but it can still be useful for providing the entire organisation with a baseline of what is acceptable usage and the proper methods for handling sensitive data.
Data Classification Technologies
Data classification technology, like Boldon James’ Classifier, provides a way of educating your employees about the sensitivity of the data they are creating, sending and storing. Your users and business departments have the best idea of the criticality and sensitivity of the data, once they are provided with the tools to do their job.
This can complement automated technologies that identify sensitive data, and it significantly reduces the chance of an accidental breach when simple rules are in place to review the classification labelling within existing security technologies, such as email gateways.
Key Takeaways for Reducing The Insider Threat
The key takeaway for insider threats is: empower your users to classify your data and apply appropriate access controls, monitor the activity associated with that data and secure that data with monitoring systems such as Data Loss Prevention systems, in both the public and private sectors.
Data classification is at the heart of any data security strategy. Without understanding the information in the context of the user and business, including what the information is and where it is located, it is impossible to implement a comprehensive data protection program.
This post was originally published on the JAW Consulting UK website.