Every organization has the potential to be hit by an insider threat, and this needs to be understood at all levels of a business. Is there anything enterprises can do to prevent this happening?
Supermarket giant Morrisons is being sued by 5000 members of its own staff after their personal and financial data was exposed by an insider. The information, which was publicized online and posted in several newspapers in 2014, included birth dates, bank account details and National Insurance numbers.
Pain, anguish and distress caused by the breach are cited as the reasons the group of current and former employees are seeking compensation. Matters were made worse when Morrisons itself was given £170,000 as payment for damage caused, with none of that distributed amongst the victims.
Of course, it is near impossible to foresee when a malicious insider will access sensitive data. It's similar to being hit on the blind side. Nevertheless, there are options available to organizations to stay one step ahead in this horrible game, which seems only to leave countless victims.
There are ways to detect suspicious data movements, even when employees are authorized to access sensitive data. Take modern Data Leak Prevention (DLP) solutions as an example: DLP can detect these scenarios and alert security administrators so they can intervene.
IT administrators who have extensive permissions can also be prevented from accessing sensitive data. Generally speaking, IT administrators should not be given access to critical information in applications when they do not really need it. With encryption solutions such as the eperi Gateway, sensitive data can also be made illegible to administrators without hindering them from carrying out their tasks, such as creating backups or performing database maintenance.