Cyber threats coming from the inside
FYI, this story is more than a year old
Awareness amongst business leaders around IT security, particularly within government, is on the rise, according to SolarWinds, who says company data leaks dominating news headlines is contributing to the increase.
“If you were to check the newspapers today you could almost guarantee there would be a story on the latest IT hack,” the company says.
SolarWinds says the high profile nature of these cases are helping drive the understanding that these threats are no longer coming from a cyber-gang nested in a secret hiding place and hacking into the servers of businesses on the other side of the globe.
“It instead helps businesses realise that they should perhaps be looking a little closer to home,” the company warns.
A recent survey by SolarWinds found that 53% of government IT professionals identified careless and untrained insiders as the biggest IT security threat.
Joel Dolisy, CIO at SolarWinds, says despite this, it remains to be seen whether maliciousness was intended or not.
Dolisy says there are some things businesses can do to help address the growing issue of insider threats.
Automate network configurations
Although IT teams are often stretched and battling budget constraints, by automating the network configuration process the procedure could be carried out much more efficiently, Dolisy says.
“An automated tool can perform scheduled network configuration backups, bulk change deployment for thousands of devices and all with minimal input from the IT pro, freeing up valuable time,” he says.
“As well as limiting the concern over insider threats, these tools can also catch configuration errors and automatically notify the administrator of any compliance issues, making their lives much easier.”
Know who is accessing the network
Dolisy says the BYOD boom has added a great deal of risk to organisations as employees choose to use their own devices.
“Losing a laptop or having a smartphone stolen out of a bag can lead to vast amounts of vulnerable data which can prove catastrophic to the organisation if something is leaked or worse, compromised,” he explains.
By creating a policy that allows the team to track and monitor devices, switches and ports, IT pros can block unauthorised devices from accessing the network, says Dolisy.
“To ensure maximum security, it is best to develop a ‘whitelist’ of all the devices which are allowed to infiltrate the network and flagging any devices outside of this list which attempt to gain access,” he says.
Nonstop network monitoring
“Ideally an IT pro would be omniscient,” Dolisy states.
“But since it’s impossible to be aware of everything that is happening on the network, investing in a solution, such as security information and event management (SIEM) and log and event management software, can automatically monitor the network for any anomalies and alert administrators of any potential breaches, data leaks, unauthorised users, or suspicious activity,” he explains.
“This frees up an IT pro’s time to focus on solving the problems flagged,” says Dolisy. “It also allows them to pinpoint where the root of the problem is and identify the user who could be unintentionally compromising the network.”