
Protect endpoints against insider security threats

September 06, 2018

No organization is safe from a security breach, and the culprit isn’t always the shadowy hacker you might picture. In fact, many security threats come from within an organization. The problem is two-fold. First, a malicious insider, at the very least, has physical access to your facility. And, depending on their role, they may have access to sensitive data or business-critical IT systems. Second, employees frequently leave their laptops and other mobile devices unattended at their desks or in common areas. Even if you issue laptop security guidelines, it may not matter, since most employees assume that the workplace is safe. This can be a dangerous assumption.

As an IT professional, you are responsible for preventing security breaches regardless of who’s behind them. So, it is essential to develop a security strategy that protects against internal and external threats. Consider the following tips when assessing your security plan.

          1. Implement “zero trust” security. Zero trust security is a security methodology based on the idea that an organization should not automatically trust anyone outside or inside its perimeter. Conventional security models operate on the assumption that everyone and everything inside an organization’s firewall can be trusted. However, this is no longer true (if it ever was).

            Zero trust security, a concept first introduced by analyst firm Forrester Research, flips conventional IT security on its ear. Its mantra, “never trust, always verify,” is designed to identify and address internal and external threat movement across a network. However, the concept does not need to be limited to network security. Requiring employees to badge into the workplace or restricted areas is a good example of how the zero trust security concept can be extended beyond the network.

          2. Deploy endpoint security tools. Multi-factor authentication and full disk encryption are relatively easy to deploy and go a long way toward ensuring that corporate data does not fall into the wrong hands. Multi-factor authentication requires more than one method of authentication to verify a user’s identity, for example, a password and a fingerprint scan. Full disk encryption is exactly what it sounds like: the contents of a laptop or mobile device are encrypted at rest, and a decryption key is required for access. Some laptops offer native encryption capabilities. Another option is to use a third-party tool that offers both encryption and multi-factor authentication.

          3. Deploy endpoint protection software. Most companies today have a server backup solution in place but neglect endpoints. However, endpoint protection is essential if you are serious about reducing theft risk. Choose an endpoint data protection product that takes continuous, automated, policy-based backups, so you can restore data in the event it does get lost. Additionally, look for security features such as global location tracking and remote lock or wipe.

    The goal is to make it as difficult as possible for a disgruntled insider to access a laptop or desktop that is not their own and conduct malicious activity. Strong physical and IT security practices are essential to protect against insider threats. Remember the zero trust message: “never trust, always verify.”

    Unfortunately, even with strong planning and preparation, security breaches still occur. That’s why you need a second layer of protection. Endpoint backup ensures you’ll be able to recover if a breach does occur.
