Insider Combat

by msecadm4921

What can organisations do to combat the insider threat? writes Amichai Shulman, CTO and co-founder of Imperva.

SailPoint has recently released its survey results regarding employee behaviour with respect to corporate data. An interesting figure indicates that 24 per cent of the surveyed Brits said they would copy electronic data and files to take with them when they leave a company.

This figure should certainly raise concern, and it comes as no surprise. In fact, a similar survey conducted by Imperva, covering 1000 individuals in London, demonstrated how severe this problem really is. In that survey, 79% of the respondents said that either their organisation does not have data removal policies (upon employee departure) or they were unaware of such a policy. Furthermore, the vast majority (85%) store corporate data on home computers or personal mobile devices.

This is an immediate consequence of the trend called “Consumerisation of IT”. What we are witnessing is a phenomenon where the employees themselves are the ones who are introducing their preferred technologies to the enterprise. Today’s employees are tech-savvy and they want their employers to accommodate all these new technologies and devices. Workers are using social networks as an online collaboration tool.

Others are using their personal devices to access the company’s web mail. In fact, according to a Unisys survey – referring to 2010 data – 95 per cent of workers use self-purchased technology for work. Moreover, employers don’t even seem to be aware of how their employees are integrating their own devices into their jobs: in that same Unisys survey, workers reported using consumer devices at twice the rate that their employers had reported.

The proliferation of mobile devices has further contributed to the “Consumerisation of IT”. The SailPoint survey indicates that 29 per cent of British employees use mobile devices to access the company’s private intranet or portals. The Unisys “Consumerisation of IT” survey from 2010 shows even higher adoption rates among US employees. In recent years we have seen a growing variety of mobile applications that are a gateway to enterprise systems, including CRM, ERP, and document management. On top of this, the devices are consistently growing in terms of storage capacity and web technology adoption. Apple’s iPhone comes with up to 32GB of internal storage, while its bigger sibling, the iPad, can accommodate up to 64GB of memory. (For context, one million records holding names, addresses, and social security numbers will occupy approximately 0.5GB.)

The “Consumerisation of IT” has left the door open to insider threats. While the common belief is that the insider threat is usually a corporate spy or a revenge-seeking employee, the reality is more mundane. As it turns out, it is the average Joe that represents the most probable threat. Employees enjoy legitimate access to sensitive corporate data while on the job. They use their access privileges to rightfully create copies of the information as they process it for their daily tasks. Upon leaving the organisation, many individuals do not care to remove copies of sensitive information, and in some cases even develop a sense of personal ownership towards it.

As we can see, the “Consumerisation of IT” has left businesses with diminished control over access to the internal perimeter and over user behaviour at the end point (e.g. password policy, storage encryption and use of AV software cannot be enforced on employee-owned devices). As a consequence, organisations must put more focus on protecting data sources against abusive activity by authorised users and devices. What should organisations do to prevent this data getting out of control?

• Enforce strict access controls over critical data. This access control should be based on a business need-to-know level. This cannot be achieved by a single project, but rather requires a process of constantly evaluating user access privileges.
• Monitor access to sensitive corporate data and maintain a detailed audit trail.
• Detect abusive access patterns to sensitive corporate data.

About the author: Amichai Shulman is co-founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva’s research organisation focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. For more information, visit –

© 2024 Professional Security Magazine. All rights reserved.