Edward Snowden was a contractor with Booz Allen Hamilton. Angry with the way information was collected by the NSA, the systems administrator decided to expose details about the program. Bradley Manning was a U.S. Army private and intelligence analyst who released confidential documents to Wikileaks. In July, Manning was found guilty of espionage. As of press time, Snowden was taking refuge in Russia.
Enterprises are concerned about privileged users causing the same type of data breaches in their own organizations, a concern which has increased over the last several years and skyrocketed upon publicity of the above mentioned cases. According to research conducted by Enterprise Strategy Group on behalf of Vormetric, 45% of Fortune 1000 companies have increased awareness specifically because of the Snowden incident. However, only 4% believe insider threats are much easier to detect/prevent today than they were in 2011, and 20% think it’s actually much more difficult.
Aware and Active
The next step after awareness is action. Out of those surveyed, 53% plan on increasing their security budgets in response to insider threats. The real question is: How can IT do their jobs while reducing exposure? Alan Kessler, CEO, Vormetric, offers three steps.
A variety of solutions exist to do just that, Kessler noted. There’s encryption, or other approaches like data leak protection. Then there’s a data firewall that requires users or applications to pass a set of authentication rules before access is granted.
Agree what the sensitive data is. Sometimes there isn’t alignment within the organization. That’s a problem.
Understand where this data is. Organizations are often shocked to find sensitive information is spread across networks.
Protect that information. Blind the users from seeing such data unless they have a need to know.
When CIOs are asked why aren’t they blinding data now? Wouldn’t that make you sleep better at night? The response tends to be: “There hasn’t been easy, transparent cost-effective method before.” Or, “Who else is doing it?”
While highly regulated industries will more aggressively pursue new security opportunities, other industries are less risk averse and rather weary of taking chance with new technology. They need to know it works.
The Cloud Problem
“As human beings we want to trust our own people,” Kessler said. “The trick is, I don’t know who is managing the cloud.”
As BYOD and mobile devices are now prevalent, more info is being stored centrally in the cloud. IT admins generally have access to all of it. But it’s not just the disgruntled employee putting the company at risk, but the authorized user who makes a mistake. And there are more authorized users than ever, from employees to contractors and any partners doing business with the company. Combine that with growing network traffic, sophisticated cyber-attacks and a lack of real-time monitoring, and an enterprise is completely exposed – and it’s unacceptable.
“The bad guys are getting in and compromising our credentials and ‘becoming us’,” Kessler said. And these cyber thieves go wherever the market is. Traditionally that has been PCs, but now the mobile market is ripe and pretty rich for hacking. “If the past repeats itself,” Kessler warned, protecting mobile devices will become imperative.