BreachExchange mailing list archives

Identify and Stop Rogue Employees Before They Become a Security Threat


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 18 Jun 2015 20:06:08 -0600

http://www.foxnews.com/us/2015/06/18/identify-and-stop-rogue-employees-before-become-security-threat/

Our age of seemingly limitless technological advancement is rapidly
transforming every aspect of our lives, particularly what it means to go to
work in the 21st century. But it has also made it likely that employees are
using tools outside the scope of what their employers allow (think:
cloud-based computing, storage and file-sharing tools), unintentionally
jeopardizing the security of their organization.

Companies often overlook these rogue employees, despite the fact that they
pose just as serious a threat as employees with malicious intent -- and, for
many organizations, an even greater one. There are three types of rogue
employees: The Innovative, The Bad and The Lazy. Here’s how you can identify
and stop them in their tracks:

The Innovative

They are creative, curious, ambitious, resourceful and efficient. They have
a relentless drive to get the job done and even a healthy dose of
rebelliousness. Unfortunately, their effectiveness and independence can
prove to be seriously deleterious to organizational security.


These ambitious employees will seek out workarounds to improve their
performance, even if that means bending the rules. Curious workers and
early-adopter types might be fascinated by the latest and greatest
technology advancements and enjoy trying them out. Others might feel
constrained by onerous rules -- rules that they resent for slowing them
down, and rules they view as intended for those less capable and less
trustworthy than themselves.

The rise of BYOD working environments, mobile apps and cloud-storage
solutions further enables such behavior, adding convenience with each
advance in capability.

The reason The Innovative rogues can present such a danger is precisely
because they are great at their jobs. But the danger their ruthless
efficiency presents to the security of an organization should not be
underestimated.

The Bad

It’s easy to picture this variety of rogue employee: hackers, thieves and
spies. But it’s not always so Hollywood. Disgruntled employees with access
to highly secure information and enough of a grudge to exploit it, slighted
workers who dramatically quit and steal proprietary information and
terminated employees determined to exact revenge are The Bad employees to
look out for.

The most prevalent example of The Bad might be the Access Hoarder, who
demands to be involved in as many processes and systems as possible, even
ones far removed from his or her role. But as they accrue access to more
and more systems, the risks they pose also add up.

It’s not only about them having the ability to see, share and potentially
alter or steal sensitive information. It’s also about the long lists of
log-ins and passwords they leave in their wake, which increases the
likelihood of some accounts being underused or forgotten.

Rarely will you see a scary headline explicitly mention how an Access
Hoarder almost brought down a company. The reality, though, is that even in
high-profile breaches, when the bad guys do break through an organization’s
perimeter security controls (e.g., firewalls), their first priority is
often commandeering an account — and it’s exactly these types of
over-privileged accounts that serve as prime targets.

The Lazy

For any organization, the leading cause of risk is laziness. These
employees may not be concerned with following drafted protocols -- that is,
if they even understand them or know they exist at all.

Perhaps they store their usernames and passwords on post-it notes, or use
Dropbox instead of a sanctioned storage and file-sharing service, because
it’s all they know and they don’t want to learn something new. All the
while they have no idea that their insistence on circumventing corporate
policies opens up their organization to serious risk.

Even scarier might be a systems administrator who turns out to be part of
The Lazy rogues. Maybe they grant access to people in the organization
they’re friends with and trust, rather than taking the time to go through
proper channels, documentation and authorization.

Education, training, constant monitoring, severe access restrictions --
these might help alleviate the problem, but they are in no way fool-proof
solutions to the threat posed by rogue employees of any type.

The surest course of action to protect the data, privacy, and stature of
your organization is to use identity and access management software to
automatically grant access to resources only when an employee needs it.
This eliminates the ability of employees to access information they
shouldn’t be able to see, stopping them from going rogue even by accident.
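The two account-level risks the article names, the Access Hoarder whose entitlements far exceed their role and the "underused or forgotten" accounts left in their wake, are exactly what a periodic access review looks for. The following is an added example (not code from the article, Fox News or Risk Based Security) of such a review over a constructed account export; the account records, role baselines and the 90-day and 2-entitlement thresholds are assumptions chosen for illustration.

```python
from datetime import date

# Constructed sample data (not from the article). Each record carries what an
# access-review export from an IAM system typically holds: the account, the
# role it is mapped to, the entitlements it has, and its last login
# (None = never seen logging in).
ROLE_BASELINE = {
    "analyst": {"reporting", "ticketing"},
    "finance": {"reporting", "erp"},
    "sysadmin": {"reporting", "ticketing", "prod-servers", "backup-console"},
}

ACCOUNTS = [
    {"user": "alice", "role": "analyst",
     "entitlements": {"reporting", "ticketing"}, "last_login": date(2015, 6, 10)},
    # An "Access Hoarder": an analyst holding entitlements far outside the role.
    {"user": "bob", "role": "analyst",
     "entitlements": {"reporting", "ticketing", "erp", "prod-servers",
                      "backup-console", "hr-db"}, "last_login": date(2015, 6, 15)},
    # Entitlements match the role, but the account has not been used for months.
    {"user": "carol", "role": "finance",
     "entitlements": {"reporting", "erp"}, "last_login": date(2015, 1, 3)},
    # Privileged account that has never logged in: forgotten rather than needed.
    {"user": "svc-legacy", "role": "sysadmin",
     "entitlements": {"reporting", "ticketing", "prod-servers", "backup-console"},
     "last_login": None},
]

# Date the review is run (assumed; matches the article's posting date).
REVIEW_DATE = date(2015, 6, 18)


def dormant_accounts(accounts, today, max_idle_days=90):
    """Return sorted usernames whose last login is older than max_idle_days, or never."""
    out = []
    for acct in accounts:
        last = acct["last_login"]
        if last is None or (today - last).days > max_idle_days:
            out.append(acct["user"])
    return sorted(out)


def excess_entitlements(accounts, baseline):
    """Map each user to the sorted entitlements not covered by their role's baseline."""
    result = {}
    for acct in accounts:
        allowed = baseline.get(acct["role"], set())
        extra = acct["entitlements"] - allowed
        if extra:
            result[acct["user"]] = sorted(extra)
    return result


def access_hoarders(accounts, baseline, max_extra=2):
    """Users holding more than max_extra entitlements beyond their role baseline."""
    return {user: extra
            for user, extra in excess_entitlements(accounts, baseline).items()
            if len(extra) > max_extra}


def review(accounts, baseline, today, max_idle_days=90, max_extra=2):
    """Produce (user, finding, detail) tuples for the reviewer to act on."""
    findings = []
    for user in dormant_accounts(accounts, today, max_idle_days):
        findings.append((user, "dormant", f"no login in more than {max_idle_days} days"))
    for user, extra in access_hoarders(accounts, baseline, max_extra).items():
        findings.append((user, "over-privileged", "outside role: " + ", ".join(extra)))
    return findings


if __name__ == "__main__":
    for user, finding, detail in review(ACCOUNTS, ROLE_BASELINE, REVIEW_DATE):
        print(f"{user:12} {finding:16} {detail}")
```

Run against the constructed data, the review flags carol and svc-legacy as dormant and bob as over-privileged; alice and the role-conforming entitlements on svc-legacy produce nothing. The role baseline is the piece that needs real maintenance in practice: without an agreed mapping of role to entitlements there is no reference against which hoarding can be measured, which is what the article's closing recommendation of role-driven, need-based provisioning supplies.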
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
sales () riskbasedsecurity com

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
