Watch out for insider threats

Watch out for insider threats

Reading Time: 2 minutes8th January 2017 | Modified: 19th December 2022

Categories: Security

Many companies think they have good IT security to protect them from external attacks but are still vulnerable to insider threats.

A worrying statistic recently highlighted by Globalscape suggests that insider threats represent nearly 70 per cent of all data leaks experienced by organisations.

Common problems are the failure to keep systems and software up to date and not knowing what’s coming into – or going out of – your network.

The use of plain file transfer protocol (FTP) tools downloaded from the internet is also very risky. There’s often no data encryption which makes it an open doorway for hackers.

A managed file transfer tool (MFT) is the best alternative. It controls different systems and security layers all in one place and helps you to manage network activity by allowing or blocking IP addresses and providing real-time reporting and email alerts, for example.

Bad practice by users

There’s also a growing insider threat from the Internet of Things (IoT)

Many companies ring-fence external threats by putting all external-facing network activity into a DMZ zone – which takes its name from the military term “demilitarised zone”. Sadly, this can only isolate threats that attempt to attack an organisation through the mail servers and other external-facing tools that sit there.

A digital camera is just one example of the many IoT devices people now use which are directly connected to the internet and don’t necessarily enter your local area network via the DMZ. This means the innocent download of holiday photos or a team building video onto your work PC doesn’t face the same “border controls” as files passing through the DMZ.

The risk is you may import botnets and other nasties which lie hidden for months – even years –before unwittingly being involved in a distributed denial of service (DDoS) attack on a third party.

Provide the proper tools

The use of personal devices at work and downloading Plain FTP tools from the internet may be a symptom of a bigger problem as the report by Globalscape suggests. It could be a sign that you may not have provided your employees with the tools for them to do their jobs properly in the first place.

Gary Jowett from Computer & Network Consultants in Brighton says: “The threat from within can cause a major incident for your organisation which badly disrupts operational efficiency and causes a data breach that incurs a big penalty. That’s why it’s important to seek objective advice from an IT consultant to get a proper health check of all your IT security procedures and processes.”

Newsletter Archives

Categorized as Security

By Gary

Gary has always focused on making sure the most appropriate solution is provided to help customers, not just what's new and shiny. With over 30 years in the IT industry Gary has the experience to tell the difference between something that's game-changing or is just a passing fad!