The old adage that “any chain is only as strong as its weakest link” is one that can easily be applied to cybersecurity frameworks. In any cybersecurity setup, if any one security element is lacking, then the whole security system can be rendered ineffective.
This is why many businesses invest so much into strong security measures such as data encryption, firewalls, antivirus, IDS, etc., or adopt a cloud infrastructure that incorporates these measures. There is significant evidence that using a secure cloud solution is safer for most companies than relying on in-house IT infrastructure.
The Human Element
But, even when you have the best cybersecurity systems on the planet, there will always be one vulnerability, and it’s one of the biggest in any setup: the workers who use the system.
According to statistics cited by CRN in their list of the “Top 9 Causes of Data Breaches” based on information from the Verizon DBIR, “Miscellaneous [human] errors accounted for 8.1 percent of confirmed breaches,” and “Insider misuse accounted for 10.6 percent of confirmed breaches and 20.6 percent of total incidents.” All told, whether accidental or intentional, employee actions accounted for 18.7% of all data breaches.
Even with the best cybersecurity, human error and malicious misuse of your systems by employees with network access remains one of the biggest risks to your company’s data security.
Reducing Security Risks from Employees
If employees with legitimate access are among your greatest security vulnerabilities, how can you reduce security risks from them? While no system is 100% foolproof, here are a few things you can do to reduce the chances of an employee causing a massive data breach:
- Limit Employee Account Privileges to Minimum Required for Work. Compartmentalizing information is a very basic, but useful, strategy for limiting the effect of a data leak by an internal source. The greater the level of access a single user has, the more severe the data breach can be. By restricting employee access to only the apps and data they need for their work, you can reduce the potential damage of that employee’s account becoming compromised.
- Remove Access Rights for Terminated Employees Immediately. Letting an employee go is very rarely a pleasant experience for everyone involved. Whether or not the departure is amicable, it’s imperative to erase that employee’s access rights to your systems as soon as possible, even before the end of the employee’s last working day.
- Explain and Enforce Basic Cybersecurity Rules for Employees. Many “insider” data leaks are the result of honest mistakes or misunderstandings of security rules. Briefing each employee on the company’s security guidelines, such as rules about creating & using passwords, using the internet at work, sharing data, and protecting portable devices such as smartphones and tablets can go a long way towards preventing accidental data breaches. Testing employees on knowledge of security procedures from time to time can help ensure that the information sticks.
- Take Advantage of Log Management Systems. If your infrastructure has IDS event log management, take advantage of it to track unusual activity on your network. Doing so can provide an early warning of a compromised employee account, or even spot a data breach in progress.
Using these strategies can help to limit your risk of a data breach caused by employees within your company. Make sure that the rest of your cybersecurity chain is as strong as possible today.