What is an Internal Threat?
An internal or insider threat is a threat to an organization that comes from people within it, such as current or former employees, contractors or business associates, who have inside knowledge of the organization’s security practices, data and computer systems. The insider may act maliciously or merely carelessly; either way, their legitimate access and knowledge let them get past controls that were designed with outsiders in mind.
We offer 5 tips to help you develop and implement an insider threat mitigation strategy. Some may be complex and costly over the long haul, but others simply involve reviewing your processes and policies and applying best practices. The main point is to turn your infosecurity radar inward.
1. Develop specific policies and procedures regarding the handling of proprietary or sensitive information.
Have employees sign an acknowledgement form indicating that they have read the policies and understand their responsibilities.
2. Improve training.
Many organizations think that a generic 30-minute online information-security course followed by a 10-question quiz is enough for employees to know what to do in a given situation. However, training that is not specific to an employee’s own responsibilities and systems leaves room for unintentional exposure of, or unauthorized access to, protected information.
3. Ensure only the minimum necessary access to the information.
Organizations need to assess which functions or roles genuinely require access to confidential information, grant only that access, and document the process for granting and revoking it, including who approves a request and how quickly access must be removed when someone leaves or changes roles. Some of the most damaging incidents involve a disgruntled employee who is terminated yet whose accounts stay active because access was not cut off promptly. Periodically reconciling active accounts against the HR roster and the role definitions is the check that catches these gaps.
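The reconciliation described above, as an added example that is not part of the original article: it compares a constructed HR export with a constructed account export and flags accounts that have no HR owner, that exceed the minimum access defined for the user’s role, or that remain enabled (or were used) after the owner’s termination date. The role matrix, the field names, the grace-period policy and all data are assumptions made for the example.

```python
"""Joiner/leaver access reconciliation: flag accounts that outlive their owner's
employment or exceed what their role needs.

Added example, not part of the original article. The roster, account list, role
matrix and grace-period policy are all constructed for illustration.
"""
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Assumed role-to-system matrix: the minimum set of systems each role needs.
ROLE_ENTITLEMENTS = {
    "nurse":   {"ehr", "vpn"},
    "billing": {"billing", "vpn"},
    "it":      {"vpn", "admin-console"},
}


@dataclass(frozen=True)
class HrRecord:
    user: str
    role: str
    status: str                       # "active" or "terminated"
    termination_date: Optional[date]  # set when status == "terminated"


@dataclass(frozen=True)
class Account:
    user: str
    system: str
    enabled: bool
    last_login: Optional[date]


SAMPLE_TODAY = date(2024, 3, 14)      # the date the audit is run (constructed)

# Constructed HR export.
HR_ROSTER = [
    HrRecord("alice", "nurse", "active", None),
    HrRecord("bob", "billing", "terminated", date(2024, 3, 1)),
    HrRecord("carol", "nurse", "terminated", date(2024, 3, 14)),
    HrRecord("dave", "it", "active", None),
]

# Constructed account export from the systems being audited.
ACCOUNTS = [
    Account("alice", "ehr", True, date(2024, 3, 14)),
    Account("dave", "ehr", True, date(2024, 3, 12)),     # IT staff with a clinical-record login
    Account("bob", "billing", True, date(2024, 3, 13)),  # left 1 March, still enabled, used since
    Account("bob", "vpn", False, date(2024, 2, 28)),     # correctly disabled on departure
    Account("carol", "ehr", True, None),                 # left today: inside any grace period
    Account("erin", "vpn", True, date(2024, 3, 10)),     # no HR record at all
]


def find_access_gaps(roster, accounts, today, grace_days=0):
    """Return (user, system, reason) findings for every enabled account that the
    HR roster and the role matrix do not justify."""
    by_user = {r.user: r for r in roster}
    findings = []
    for acct in accounts:
        if not acct.enabled:
            continue                  # a disabled account is the desired end state
        rec = by_user.get(acct.user)
        if rec is None:
            findings.append((acct.user, acct.system, "no HR record: orphan account"))
            continue
        if acct.system not in ROLE_ENTITLEMENTS.get(rec.role, set()):
            findings.append((acct.user, acct.system,
                             f"not in the minimum access set for role '{rec.role}'"))
        if rec.status == "terminated" and rec.termination_date is not None:
            days_since = (today - rec.termination_date).days
            if days_since > grace_days:
                findings.append((acct.user, acct.system,
                                 f"still enabled {days_since} days after termination"))
            if acct.last_login is not None and acct.last_login > rec.termination_date:
                findings.append((acct.user, acct.system, "login after termination date"))
    return findings


if __name__ == "__main__":
    for user, system, reason in find_access_gaps(HR_ROSTER, ACCOUNTS, SAMPLE_TODAY):
        print(f"{user:6} {system:14} {reason}")
```

Run against the constructed data this reports four findings: Dave’s clinical login that his IT role does not need, Bob’s billing account that is both still enabled and used after his termination date, and Erin’s VPN account with no HR owner. Carol is not flagged because her access was terminated the same day; raising `grace_days` tolerates a short deprovisioning window but never suppresses the login-after-termination check, which is the one that matters most.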
4. Communicate and apply consistent sanctions for information privacy or security violations.
If there is no punishment for accessing or sharing information, people are more apt to do so. For example, rural hospitals and health plans have significant problems with employees snooping into medical records of colleagues, ex-partners, and others in the community. Larger hospitals and rehab centers have to address the improper snooping into the medical records of celebrities and prominent public figures. An organization can suffer significant financial and reputational damage if steps aren’t taken when bad behavior occurs.
5. Monitor employee activity.
Monitoring verifies that access is actually being used appropriately and can surface unusual activity, such as a user opening records outside their assigned workload, looking up colleagues, or a sudden jump in volume. Review usage reports regularly, or randomly sample them, so that problems are identified early and remediation can begin. Staff who know that access is logged and reviewed are also less likely to snoop in the first place.
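The kind of review described in tips 4 and 5, as an added example that is not part of the original article: a small script that runs over a constructed record-access audit log and flags the snooping patterns the hospital examples describe (a user opening their own record, a colleague’s record, a flagged high-profile record, or several records with no care or billing relationship), plus a per-user volume summary and a reproducible random sample for manual spot-checks. The log format, the assignment data and the thresholds are assumptions made for the example; real audit logs will differ.

```python
"""Spot snooping in a record-access audit log: self-lookups, colleagues'
records, flagged records, and browsing with no care relationship.

Added example, not part of the original article. The log lines, the
assignment data, the flagged-record list and the thresholds are constructed.
"""
import csv
import io
import random
from collections import defaultdict

# Constructed audit log (CSV): one line per record opened.
ACCESS_LOG = """\
timestamp,user,patient_id,action
2024-03-14T08:02:11,nurse_jo,P1001,view
2024-03-14T08:05:40,nurse_jo,P1002,view
2024-03-14T08:07:03,nurse_jo,P1003,view
2024-03-14T09:15:22,nurse_al,P1002,view
2024-03-14T09:20:09,nurse_al,P2001,view
2024-03-14T09:21:30,nurse_al,P2002,view
2024-03-14T09:23:55,nurse_al,P2003,view
2024-03-14T09:24:47,nurse_al,P2004,view
2024-03-14T09:25:31,nurse_al,P2005,view
2024-03-14T12:40:18,billing_kim,P9001,view
2024-03-14T17:58:02,billing_kim,P1001,view
"""

# Constructed policy data: the care or billing relationship that justifies an
# access, which patient records belong to staff members, and records that are
# reviewed whenever someone without a relationship opens them.
ASSIGNED = {
    "nurse_jo": {"P1001", "P1002", "P1003"},
    "nurse_al": {"P1002", "P2001"},
    "billing_kim": {"P1001"},
}
STAFF_RECORDS = {"P2002": "nurse_jo", "P9001": "billing_kim"}
FLAGGED_RECORDS = {"P2005"}   # e.g. a prominent public figure


def parse_log(log_text):
    return list(csv.DictReader(io.StringIO(log_text)))


def review_access_log(log_text, assigned, staff_records, flagged, browse_threshold=3):
    """Return (rule, user, detail) findings. One unassigned access may be legitimate
    (cover, consult, break-glass); several from the same user is the browsing pattern."""
    findings = []
    unassigned = defaultdict(set)
    for row in parse_log(log_text):
        user, pid = row["user"], row["patient_id"]
        related = pid in assigned.get(user, set())
        owner = staff_records.get(pid)
        if owner == user:
            findings.append(("self_access", user, pid))
            continue
        if owner is not None and not related:
            findings.append(("colleague_record", user, pid))
        if pid in flagged and not related:
            findings.append(("flagged_record", user, pid))
        if not related:
            unassigned[user].add(pid)
    for user, pids in sorted(unassigned.items()):
        if len(pids) >= browse_threshold:
            findings.append(("browsing_pattern", user, f"{len(pids)} records with no relationship"))
    return findings


def distinct_records_per_user(log_text):
    """Volume view for the usage report: how many distinct records each user opened."""
    seen = defaultdict(set)
    for row in parse_log(log_text):
        seen[row["user"]].add(row["patient_id"])
    return {user: len(pids) for user, pids in seen.items()}


def sample_for_review(log_text, k, seed=None):
    """Random sample of log rows for manual spot-checking; pass a seed to reproduce it."""
    rows = parse_log(log_text)
    return random.Random(seed).sample(rows, min(k, len(rows)))


if __name__ == "__main__":
    for rule, user, detail in review_access_log(ACCESS_LOG, ASSIGNED, STAFF_RECORDS, FLAGGED_RECORDS):
        print(f"{rule:17} {user:12} {detail}")
    print(distinct_records_per_user(ACCESS_LOG))
```

On the constructed log the rules fire for nurse_al (a colleague’s record, a flagged record, and four records with no relationship) and for billing_kim opening her own record, while nurse_jo, who stayed within her assigned patients, produces nothing. The value of keeping the relationship data separate from the log is that the same review can be rerun whenever assignments or the flagged list change.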