It’s been awhile since I’ve just done a basic tip, and so I thought I’d do a topic which is...
Larilyn’s Tip of the Week: Insider Threats
This week’s tip is going to be a little different than usual. It hits on a topic that I’ve hit on before to an extent. And I feel slightly like I’m beating a dead horse at this point.
But it involves security, which is a VERY IMPORTANT topic. And so I will continue to highlight the importance of it.
When it comes to computer security, one of the biggest threats is actually what is called an insider threat.
What does this mean?
It means that the threat is coming from within the company. This can be either someone intentionally doing something malicious, but it can also just be from someone being negligent. I would like to touch base on both.
Let’s first talk about someone intentionally doing something malicious. I want to share a quick story that Scott shared with us here at the office recently.
“Juliana Barile, the former employee of a New York credit union, pleaded guilty to accessing the financial institution’s computer systems without authorization and destroying over 21 gigabytes of data in revenge after being fired.
“In an act of revenge for being terminated, Barile surreptitiously accessed the computer system of her former employer, a New York Credit Union, and deleted mortgage loan applications and other sensitive information maintained on its file server,” Acting U.S. Attorney Jacquelyn M. Kasulis said. “Gatlan, Sergiu. “Fired NY Credit Union EMPLOYEE Nukes 21gb of Data in Revenge.” BleepingComputer, BleepingComputer, 1 Sept. 2021, www.bleepingcomputer.com/news/security/fired-ny-credit-union-employee-nukes-21gb-of-data-in-revenge/.
This scorned former employee was able to delete over 20,000 files in less than an hour. Why? Because her access had not been revoked.
Our clients are usually very good about telling us when they hire on a new employee – mostly because they need a new email address or computer log on for them. However, almost all of our clients struggle with letting us know when an employee has left their position.
Whether an employee leaves on good terms or bad, it is imperative for your businesses security to cut off their access. This means disabling their log on credentials and their access to email.
Sometimes clients want to retain the employees account so that they can access their email or files. And that’s understandable – and also doable through means other than logging in as that employee. We can transfer files to a new owner. We can create an archive that we can give you access to. We can grant delegated access to a shared email box. Cutting off their access does not mean cutting off access to their data to those within the company who should have access still.
So the moral of this story is, if you are in a position where you are responsible for letting us know when an employee has left your employ, let us know immediately!! Especially if they are being let go. Let us know when the meeting will be taking place, and we will cut their access while in the meeting.
Now let’s talk about negligence. The first thing I want to point out is that negligence can also lead to a scenario like that listed above. How? By people sharing passwords with each other! So even if we’ve cut off access of the bitter employee Sarah, if they know the password to everyone else in the office – guess what? They can still cause chaos, and it might not even be something you can trace back to Sarah because the electronic trail will point to Brittney instead, since it was Brittney’s log in credentials that were used to access the system. And then Brittney finds herself in hot water.
Please. I’ve said it before. I’ll say it again. Here’s that dead horse. Do. Not. Share. Passwords. I get it. It makes things easier day to day if you can just hop on someone’s computer and get what you need. But again, there are other ways for you to have the same information. I have sat in too many meetings and trainings and read too many stories where all of the businesses security is compromised by a stupid shared password. Stop doing this!
Then there is the insider threat that comes just from people not knowing that what they are doing is dangerous – letting malware or a hacker have access to the network by clicking on a link they shouldn’t or opening a file they shouldn’t. Always pay close attention to emails that aren’t from people you know, or are from people with files or links you aren’t expecting. Use safe email practices and always be on the look out for scams!
If you are in a position of authority at your business, we would recommend implementing some sort of security training regularly. Things are constantly evolving, so regular training is a great way to be proactive against new trends of scamming and phishing.
It’s an unfortunate truth in the world we live in today. The bad guys are always trying to get in. Please make sure the bad guys aren’t already on the inside! Most people don’t want to worry about security like this, but it’s reality. We have to be vigilant and always be looking for ways to make sure we are being safe!
If you need any help with this, reach out to us and we can give you more specific recommendations.