Posted on August 31, 2018
by Heath Kath
| Categories: Cybersecurity
Does this story sound familiar?
See if you share these trials in your own organization, then request the ebook to learn how to prevent six internal users from putting your network at risk.
Adam is the lead network administrator for a middle-sized retail company, where he’s worked for almost a decade. He’s seen it all: the intricacies of their internal network, the creation of cybersecurity initiatives and best practices, the stress of brute-force and DoD attacks, and the satisfaction of running a truly responsive, high availability environment—to name a few.
Adam believes his team is a well-oiled machine. They’ve played their cards right, addressed every area of weakness they can think of. Passwords are changed every 90 days, multi-factor authentication is enabled for customer and employee accounts, card payments are always encrypted, and workstations are updated with the latest security patches… What could possibly go wrong?
Threats from the inside
One day, Adam’s faith in his team’s proactive security is shaken when he discovers that a handful of employee’s computers are infected with a virus. Files are disappearing off an important internal server, and if they don’t act fast, the attack might spread to other workstations.
As Adam and his team quarantine the virus and restore a recent backup of the infected server to recover lost data, he traces the virus back to its beginning: a carefully-crafted phishing email from a manager in the company who’d had his email address spoofed. It looked completely legitimate with a reasonable request ("check out this link for our sales report for Q2"), and more than a couple users had fallen for it before the threat was detected.
After this cyberattack, Adam starts to uncover more internal risks. Jealous employees, snoopy vendors, and departed users are just a few of the wildcards that test how he protects his organization from harm. He realizes that just one of these users could accidentally or purposefully cause data loss … or even trigger a data breach. All from the inside!
A new security approach
Adam’s determination to safeguard his employer from hackers and vulnerabilities had been so laser-focused, he’d forgotten to pay attention to what his co-workers and third-party vendors were doing. Certain practices, habits, and user permissions needed to be analyzed and re-evaluated to protect everyone and keep the business going strong.
Currently, Adam has added six distinct user types to his security watch list. These employee types raise warnings before they become a serious problem; by being proactive in his internal security practices and utilizing helpful solutions like anti-virus scanning and secure file transfers, Adam’s been able to limit the risks user errors and rogue employees do to his organization.
Are these users on your list? Follow along with Adam and discover the users you need to watch for in our ebook: Six Users to Put on Your Security Watch List.
Once you know what to look for, you can use Adam’s suggested tactics, including solutions and tips for improving your business processes, to prevent these users from becoming a security threat.
Ready to protect your organization from internal threats?
Get the Ebook