Five Things You Should do to Protect Your Business from Insider Attacks
Too many business owners say they’ve experienced insider attacks in the previous year.
You may have done everything you can to identify and fix security holes in your network. Computers, tablets, and smartphones are covered. You’ve thought about thumb drives and SD cards. Yet you can’t quite relax. If you’re worried about insider attacks, you have good company. While no company will publicly admit to security problems, the numbers are worrying.
- Nine in 10 companies report feeling vulnerable when it comes to their IT infrastructure.
- More than half (53%) say they’ve experienced insider attacks in the previous year.
- 69% say they’ve suffered “significant data or knowledge loss” as a result of former employees taking data with them.
Five Things You Can Do to Protect Your Business
These are worrying numbers, but there are ways to safeguard your business. The best ways combine technology with human solutions. Consider these steps:
- Look at all the roles in your company, not just the obvious ones like sales and developers. Ask these questions: Who has access, and what do they have access to? Do they really need it to do their job? For example, customer service representative tends to be a junior role, yet these employees often have access to highly sensitive customer information.
- Don’t expect technology to solve every problem. You should also review business processes, especially employee on-boarding, training, and termination. Establish well-defined procedures for assigning hardware and systems access, and for revoking it when someone leaves the company.
- Conduct background checks of all new employees before you make a job offer.
- Set up standard account access for everyone and don’t give anyone administrative access unless it’s absolutely required.
- Enforce strong passwords, password refresh, and require multi-factor authentication for access to internal systems and data. Insist everyone use them and monitor compliance.
Concerned about an Insider Attack?
If you’re concerned about an insider attack, contact us at 925.827.1200 to discuss your concerns. We can help you set up roles, policies, procedures, and processes. And we can conduct a security audit of your systems to determine your level of risk. Call Cantrell’s Sales & Service, Inc. today or email us at email@example.com.