Maintaining data systems security has become a must for any type of company. This article looks into unique and novel ways of understanding the most significant source of data threats in your company: local users.
Three Types of Threat
According to an Insider Threat spotlight report, 60% of IT security professionals claimed that the frequency of insider threats in the last year had risen dramatically. Given the high statistics, it is evident that insider threats are now more prominent than ever before and hence must be mitigated from a different point of view. This involves understanding the intersection of three critical elements found in every company: users, activities, and applications.
User Threats
People in any company are bound to make errors. In this regard, their mistakes can be targeted by cybercriminals who look to create deliberate damage. And when these hackers are granted access to sensitive data and get a foothold into the company’s systems, users, therefore, become the highest insider threat to the company.
It is crucial to realize the different types of users within your company and understand their risk profiles. Typically, there are three types of people in organizations. These include:
- Third-party vendors and contractors: Several high-profile data breaches that took place including the ones at Home Depot and Target were due to stolen login credentials from third-party vendors.
- Permitted or privileged users: The most significant cyber-attack that took place at Sony was traced to the credentials stolen from a systems administrator.
- Application users: A small-time financial advisor at Morgan Stanley took advantage of his privileged user access to pilfer data on 350,000 wealth management customers and post a portion of them on the Internet.
Initial reports and studies further revealed that regular business users pose the biggest data threat to most companies. And this is substantiated by the recent Cost of Data Breaches Report released by IBM and Ponemon Institute, which revealed that over 80% of internal data breaches arose from regular business accounts that did not have any administrator privileges. A critical factor expounding this reality is that the volume of business users, the amount of activity, and the access to sensitive applications endanger the data and resources of the company. This is even more true today with the increase in home working and the remote access of company documents and data.
Activity Threats
The most common threat to data security is human activity, regardless of whether it is due to negligence, irresponsible behavior, purposeful intent, or otherwise. Internal staff, as well as third-party permitted users, can function in a manner that can jeopardize an organization’s systems and data. It can be highly challenging to identify unauthorized activity among privileged permitted users, given the type of actions performed every day by all kinds of users. And when companies are unable to detect unusual activity patterns in the context of their data, cybercriminals and internal users with malicious intent can destroy, rob, leak, or alter sensitive information.
Examples of how user activities can lead to data risks include:
- Exporting large amounts of confidential information to personal accounts.
- Uploading classified information onto third-party cloud applications, thus exposing it to hackers.
- Purposefully sharing essential and classified information with non-permitted users.
- Surreptitiously installing remote desktop applications to monitor documents in the office.
- Responding to phishing emails and granting access to cybercriminals unwittingly.
- Clicking on unauthorized websites that could install malware on a user’s computer and the company network.
Application Threats
Internal staff and contractors become a source of risk through the applications they use to view organizational data. While most business applications have functionalities to enhance work productivity, some may have no place in the company and could result in data breaches. Examples of applications that can be hazardous to data security include desktop sharing, file transfer, cloud sharing, screen captures, peer-to-peer file sharing, and the like.
While companies have spent thousands of dollars and efforts to implement systems in securing their documents, databases, and information, there is still much to be done. Traditionally, methods such as virtual private networks, intrusion detection systems, firewalls, antivirus software, and others were regarded as reliable data security measures. However, solutions also fall far short of maintaining reliable document security. When users have direct access to a company’s most valuable information through the applications they use, the only solution that can work to safeguard the data and protect documents from theft, leakage, and misuse is digital rights management.
A Solution: Digital Rights Management (DRM)
Digital Rights Management, also known as DRM, is a set of access control technologies that can protect documents and organizational data by securing the functions of the applications used, preventing malicious or irresponsible user activity performed within them. As a comprehensive, document security solution, it provides organizations with the exact insight into what each user can do with the data shared with them.
This can be a proactive method of preventing unauthorized and out-of-policy user activity, stopping potential data risks. A document DRM solution also offers the ability to accurately determine who is doing what with the information, while also giving any organization controls to revoke access to documents, even after they have been viewed.
The combination of users, activities, and applications in today’s work environment is the most significant data security risk to companies. However, a document security system such as DRM can specifically mitigate these risks by granting a wide number of controls to prevent any of the three elements from causing a severe data hazard.