The Siren call of the Internet is hard to resist for eight hours every day. People, even good employees, can only imagine what they are missing on social media that will be “old news” by the time they get home. Or how many flash sale bargains will they miss? And don’t even start on all the streaming services being pitched to watch everything from live sporting events to their own recorded DVR content anytime, anywhere! While it is certain that most of this can be accessed on a mobile device like a smartphone, many would rather find ways to avoid using their data allocations, and avoid explaining why their personal phone is being used so much.
In addition to efforts to bypass controls for inappropriate internet use, employees often seek ways to get around security for legitimate business activity. Every day tasks may be more complicated due to corporate controls like requiring Two Factor Authentication, proxy routing, and other complicated password and access controls. Since employees often do not understand, or fail to take into consideration, the reasons behind network access restrictions and controls, they might view their efforts to circumvent controls as a positive thing to be more productive. A simple reality in business is that there are still people who see security as an hindrance to getting their work done.
Simply put, people continue to be the weakest link in your security armor, either from ignorance, laziness or outright malicious intent.
With 60 percent of all data breaches having an insider element including negligence, malicious insiders and credential theft, it is important to address this issue. When your users can utilize Cloud solutions like personal, web-based email from company computers, all Data Loss Prevention and malware protection tools are bypassed. Pornography and gambling sites are uniquely problematic for both the content they provide and as a group, they are highly infested with malware and viruses.
Unfortunately, there is no universally perfect firewall or security policy that will eliminate risks from human behavior. But there are several focus areas that can help minimize exposures and instill better practices by your employees.
- Restrict acceptable use policies for what employees are permitted to do with company computers when off-network since employees often engage in risky computing while off the corporate network, then bring the results on-network when they return to work.
- Focus on “joiners and leavers” from your corporate environment. Both are in unique positions for facilitating or perpetrating data theft.
- Pay special attention to employees with a record of violating company policy or safe computing guidelines. People who tend to ignore the rules are often prone to engage in high-risk behaviors.
- Watch for anomalous user behavior. Changes from normal processing such as a sudden increase of file downloads or accessing systems more frequently may signal that the employee is preparing to steal data or deploy malware.
- Increase awareness and training for employees and security teams, focusing on techniques designed to detect risky actions and affect long-term changes in user behavior.
- Invest in and keep current with security tools. Eliminate or minimize the use of tools which are known to be prone to credential theft while increasing the use of tools that provide a broad view of end user activity and enable rapid pinpoint analysis of suspicious activity.
Vigilance is the price of freedom, but it is also the price of security!