While most cyber security measures are put in place to focus on threats outside of an organization, there may be some untrustworthy or negligent individuals who are increasing chances of a cyber-attack within your company. Let’s discuss how you can reduce potential threats to your business and provide solutions to prevent future exposures.
Types of insider threats
Before we explain how an employee can become at-risk, we want to clarify the different kinds of threats that might surface, so they can be easier to spot:
- Malicious Insider: an employee who intentionally harms the business, for example by selling access to the company's network or deploying ransomware
- Accidental or Non-Malicious Insider: an average employee who harms security through negligence or error, which can be just as damaging as sabotage
- Third-Party Vendor: someone associated with, but not employed by, the organization, who is given access to internal systems
- Zombie Account: an old user account, with its permissions, that remains active after the employee no longer works for the company
How employees increase cyber threats
Now, most of the time employees aren't intentionally trying to cause a cyberattack. As it turns out, more than two out of three insider threat incidents are caused by negligence. Furthermore, the average cost per incident due to employee negligence is about $307, and it can rise depending on the impact to the business and the type of attack that occurs.
There are multiple reasons negligence occurs in the workplace. First and foremost is recognizing that we are all human beings who make mistakes. Sometimes a person is caught off guard and doesn't realize the damage they've caused until it's already done. Then there is the failure to report the attack. More than 40% of employees don't report potential phishing out of fear of getting in trouble. No one wants to be the cause of a virus infiltrating a system or a breach, but it can happen, and it's better to report it sooner rather than later. By doing so, IT security staff can begin the process of uncovering the hacker and shutting down systems before the intruder can collect any valuable intel.
Another huge risk many employees take is reusing or writing down passwords. Known as credential misuse, this is one of the fastest ways your company could experience a data breach. Unfortunately, even though 90% of participants in a password habits survey knew the risk of password reuse, 59% of them admitted to doing it anyway. Sometimes people need to learn lessons the hard way, but hopefully not at the risk of costing your small or midsized business hundreds of dollars.
The risks above assume the employee's intent is accidental. Unfortunately, there are disgruntled employees who can wreak havoc by giving a hacker clear access to your database. You can identify them by noticing whether they take data with them when they leave permanently, or whether they sell their still-functional access credentials on the dark web after they've left the company. Stolen, legitimate network credentials can be sold on the dark web for anywhere from $3,000 up to $120,000, depending on the company and the level of privilege on the account. This doesn't have to come from a terminated employee, either. Third-party vendors can just as easily release passwords to hackers.
We’ve also mentioned zombie accounts that might still be accessible in your IT systems. Employees transitioning out of the company can pose the biggest security risk, as 45% of them usually download, save, or send work-related files before leaving the job. This means that your data is no longer contained, and you don’t know who is obtaining information from your database.
How to prevent insider risk
While there might be more potential risks your company could run into, we wanted to give a list of solutions that will help tighten security and provide peace of mind.
1) Communicate expectations and procedures
Let your staff know what you expect of them and educate them on how to avoid falling prey to phishing scams, which keeps hackers from getting in. People make mistakes, so it's important to set an example of a company culture that doesn't shame people, but one that is proactive and ready to go should there be a data breach. Remember to regularly enforce processes and procedures, giving your staff refreshers and updates as threats continue to evolve. Unfortunately, cyber-attacks aren't a matter of "if," they're a matter of "when."
You can even take it a step further by implementing an effective cyber security awareness training program. You can train and test your employees with phishing simulations, checks for sensitive data left out in the open, and exercises in spotting cyber-attacks. This will not only provide structure to your communication, but it will also put employees on the same page when it comes to your expectations on data security.
2) Create unique passwords
At CoreTech, we use a variety of passwords and security systems to protect data, as well as backups, just in case. One of the programs we use is LastPass, which helps us manage our passwords and keep them secure.
Want to learn more about LastPass? Check out our article: How to enable LastPass on your phone (iOS and Android)
Here are some other tips for keeping track of your passwords. First, don't leave them out where people can see them; this is where a password manager helps. It might feel easy to leave a password on a sticky note, but a side glance could be the undoing of your account and give hackers access to your network. Second, if you detect any kind of security breach, it's time to create new passwords for your logins. Third, use a variety of special characters by replacing "O" with "0" or "a" with "@." For example, "password" could be changed to "p@$$w0rd." Lastly, avoid using common passwords such as password, 123456 or qwerty.
3) Clear out old accounts and permissions
If an employee is leaving, make sure they don't take any company data with them and that their logins are completely cleared from your system, or at minimum that the passwords are changed. This way, if the employee decides to sell login information, the hacker can't access your database. It's also a good idea to check your IT systems regularly to make sure there aren't any zombie accounts lingering. This closes off any loopholes hackers might use as an entry point.
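A defender-side check for the zombie accounts described in this section, added here as an illustration and not CoreTech's own tooling: it reconciles an account export against an HR separation list and vendor contract end dates, and also flags accounts that never logged in or have gone idle. The account records, the HR list, the vendor dates and the field names are all constructed assumptions.

```python
"""Zombie-account audit: list enabled accounts belonging to departed staff or
expired vendors, plus accounts that never logged in or have gone idle.
Added example with constructed sample data; field names are assumptions."""
from datetime import datetime, timedelta

def _day(s):
    return datetime.strptime(s, "%Y-%m-%d")

# Constructed sample of a directory export (not from a real system).
ACCOUNTS = [
    {"user": "jdoe", "enabled": True, "last_login": "2024-05-01", "privileged": False},
    {"user": "asmith", "enabled": True, "last_login": "2023-11-15", "privileged": True},
    {"user": "vendor-acme", "enabled": True, "last_login": "2024-01-10", "privileged": False},
    {"user": "mlee", "enabled": False, "last_login": "2023-06-30", "privileged": False},
    {"user": "rkhan", "enabled": True, "last_login": None, "privileged": False},
]
DEPARTED = {"asmith", "mlee"}                 # constructed HR separation list
VENDOR_END = {"vendor-acme": "2024-02-01"}    # constructed vendor contract end dates

def find_zombie_accounts(accounts, departed, vendor_end, today, idle_days=90):
    """Return (user, reason) pairs for enabled accounts that should be disabled
    or reviewed; privileged accounts are listed first. Already-disabled
    accounts are skipped because offboarding has handled them."""
    now = _day(today)
    cutoff = now - timedelta(days=idle_days)
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue
        user, last = acct["user"], acct["last_login"]
        if user in departed:
            findings.append((user, "departed employee still enabled"))
        elif user in vendor_end and _day(vendor_end[user]) < now:
            findings.append((user, "vendor contract ended"))
        elif last is None:
            findings.append((user, "never logged in"))
        elif _day(last) < cutoff:
            findings.append((user, f"idle more than {idle_days} days"))
    privileged = {a["user"] for a in accounts if a["privileged"]}
    findings.sort(key=lambda f: (f[0] not in privileged, f[0]))
    return findings

def audit():
    """Run the sample audit as of a fixed, constructed date."""
    return find_zombie_accounts(ACCOUNTS, DEPARTED, VENDOR_END, "2024-06-01")

if __name__ == "__main__":
    for user, reason in audit():
        print(f"{user}: {reason}")
```

Each finding is a candidate to disable or to hand to the account owner for review; the idle threshold and the HR and vendor lists are the inputs you would replace with your own exports.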
Want to know more?
With insider risk up more than 40% in 2021, security experts are expecting these risks to continue increasing in the coming year, especially with more employees committing to working from home. There is no better time than now to find your weak points within your IT systems and patch them up. We understand the process can be overwhelming, which is why CoreTech is here to support and guide you through an IT security assessment. We want to set you up for success when it comes to your cyber security by eliminating all potential threats, both inside and outside your small to midsized organization.
We have a plethora of resources and blogs. You can check out our LastPass guide, our guide for protecting your business from a cyber-attack (located below), or you can look at our previous blogs for more tips and information about insider risk and password protection. Please reach out to us about an IT security assessment or security questions you may have for your business. Contact us today!