Filter by Category

Are These Users on Your Organization's Security Watch List?

six internal users to put on your cybersecurity watch listDoes this story sound familiar?

See if you share these trials in your own organization, then request the ebook to learn how to prevent six internal users from putting your network at risk.

Meet AdamEven IT admins can face unknown internal threats in their organization.

Adam is the lead network administrator for a middle-sized retail company, where he’s worked for almost a decade. He’s seen it all: the intricacies of their internal network, the creation of cybersecurity initiatives and best practices, the stress of brute-force and DoD attacks, and the satisfaction of running a truly responsive, high availability environment—to name a few.

Adam believes his team is a well-oiled machine. They’ve played their cards right, addressed every area of weakness they can think of. Passwords are changed every 90 days, multi-factor authentication is enabled for customer and employee accounts, card payments are always encrypted, and workstations are updated with the latest security patches… What could possibly go wrong?

Threats from the inside

One day, Adam’s faith in his team’s proactive security is shaken when he discovers that a handful of employee’s computers are infected with a virus. Files are disappearing off an important internal server, and if they don’t act fast, the attack might spread to other workstations.

As Adam and his team quarantine the virus and restore a recent backup of the infected server to recover lost data, he traces the virus back to its beginning: a carefully-crafted phishing email from a manager in the company who’d had his email address spoofed. It looked completely legitimate with a reasonable request ("check out this link for our sales report for Q2"), and more than a couple users had fallen for it before the threat was detected.

After this cyberattack, Adam starts to uncover more internal risks. Jealous employees, snoopy vendors, and departed users are just a few of the wildcards that test how he protects his organization from harm. He realizes that just one of these users could accidentally or purposefully cause data loss … or even trigger a data breach. All from the inside!

A new security approach

Adam’s determination to safeguard his employer from hackers and vulnerabilities had been so laser-focused, he’d forgotten to pay attention to what his co-workers and third-party vendors were doing. Certain practices, habits, and user permissions needed to be analyzed and re-evaluated to protect everyone and keep the business going strong.

Currently, Adam has added six distinct user types to his security watch list. These employee types raise warnings before they become a serious problem; by being proactive in his internal security practices and utilizing helpful solutions like anti-virus scanning and secure file transfers, Adam’s been able to limit the risks user errors and rogue employees do to his organization.

Are these users on your list? Follow along with Adam and discover the users you need to watch for in our ebook: Six Users to Put on Your Security Watch List.

Once you know what to look for, you can use Adam’s suggested tactics, including solutions and tips for improving your business processes, to prevent these users from becoming a security threat.

Ready to protect your organization from internal threats?

Get the Ebook

Related Posts

3 Cybersecurity Takeaways from RSA Conference 2018

The speed and intensity of cyberattacks are growing, and cyber siege is no joke. But the 45,000+ attendees who attended this year’s RSA Conference in San Francisco proved the force of cybersecurity…

6 Experts Debunk Common Cybersecurity Myths

The life of a cybersecurity professional looks a lot like the plot of a Greek mythology action movie. We spend years preparing for an attack by an unknown creature, basing our strategy on tales…

7 Steps to Protect Yourself Against Corporate Spear Phishing

Anyone with an email account is used to spam. It happens one day: you get that first unsolicited email, and then a flood of ads, flash sale offers, and foreign bank transaction requests rushes into…

Are SSH Keys or Passwords Better for SFTP Authentication?

SSH keys or passwords? That’s the question often asked by IT professionals when setting up authentication on an SFTP server. There’s some debate on whether SSH keys or passwords are better at…

How to Create a Cybersecurity Policy for Your Organization

The cyberattacks and data breaches that make the news are usually the ones that happen at big corporations like TJX or Home Depot. But every organization, large or small, needs to be concerned about…