Go to Top

Businesses ‘must address insider security risk’

Companies wishing to avoid costly data recovery bills and a loss in reputation should ensure staff are well-versed in data security practices, while bosses should also be aware of the threat posed to security from their own workers.

A new report published by Raytheon Intelligence Information and Services has highlighted the extent to which staff access sensitive business information that they should not be.

Entitled Privilege User Abuse & The Insider Threat, the report revealed a significant proportion of workers with high-level users access (65 per cent) within businesses feel that, due to their wide-ranging privileges, they can examine any information they choose.

However, the level of access granted to these members of staff often exceeds their own responsibilities and position, leading to a potential abuse of this status as they access sensitive files they were not meant to.

Overall, respondents to the study said they had done this out of curiosity rather than for any valid business reason.

Responding to the findings, vice president of cyber security and special missions at Raytheon Jack Harrington commented: “The results of this survey should serve as a wakeup call to every executive with responsibility for protecting company or customer sensitive data.

“The problem is acutely understood, the solutions are not.”

Maintaining a strict control on user data privileges should therefore be a priority for firms wishing to ensure their confidential records remain just that.

However, methods to achieve this can be difficult, as technologies to track who is accessing privileged information can often throw up false positives – as workers access sensitive data for legitimate reasons.

Moreover, the problem of malicious intent was also shown to be an issue companies are not adequately prepared for at present, with 57 per cent of respondents to Raytheon’s survey stated their company does not carry out background checks on individuals before issuing elevated access credentials.

Complex data recovery requires expertise. Speak to the data recovery industry pioneers at Kroll Ontrack for free advice to investigate options to recover from any data loss type, system or cause.

From: http://www.krollontrack.co.uk/company/press-room/data-recovery-news/businesses-must-address-insider-security-risk218.aspx

Leave a Reply