Page 86 - Security Today, September 2018
P. 86
cess by which an employee can request and gain access to new data assets if their work responsibilities change, as well as a policy to terminate employee access when they no longer need access to an asset anymore.
Employee Training and Education
Employees need frequent and updated security awareness training. Training needs should be specialized so that employees understand not only the threat but how to better secure the information and ac- cesses that they have. Instilling this sense that security is everyone’s responsibility and not just the IT department is critical for individu- als to be more vigilant in how to properly handle information.
Proactive Monitoring
Monitor access to data. The simplest measure to take to protect your assets from insider threats is to monitor what assets employees are ac- cessing, particularly if an employee is trying to access areas to which they don’t have privileges. It is natural that once classified, more sensitive data should have stricter controls and monitoring than less critical data.
Monitor employee behavior. Unfortunately, employee training is never 100 percent foolproof. There is always going to be an employee that clicks on a phishing email or reuses their passwords. While some may balk at monitoring employees’ activities on the network, it is a proactive way to provide early indications of potential malfeasance. Make sure your security solution is able to put employee actions in context, taking into account the sensitivity of the data as well as how it is being accessed, stored, and transmitted in order to identify anomalies that may require further investigation.
Monitor employee group behavior. Employee behavior should be evaluated both in an individual context, but also in a group context. For example, a clerk who gets hired at a bank and immediately starts doing one fraudulent transaction a week might not be identified by just looking at their behavior alone, because that is their normal base- line activity. If, however, you compared their behavior to the behavior of other clerks, you would be more likely to identify the suspicious pattern of behavior.
Periodic Review and Updates
Data assets. Identify any new assets and where they are located. Up- date the location of existing assets. Review asset classifications and sensitivity levels in case any assets have become more or less impact- ful to the business.
Access policies. Review how the existing policies are working, or not, and update as needed. Take into account any changes to compli- ance mandates.
Audit logs. Make sure logs are accessible and review logs as needed.
Mitigating insider threats in order to protect your most sensitive data assets is an ongoing effort that requires a holistic approach that encompasses technological as well as human solutions. Perimeter de- fense is no longer the best option to protect your
organization. You don’t need to build the Tower
of London in order to protect your ‘crown jew-
els,’ but you do need to understand your data, and
build a sustainable security approach.
Aarij Khan is the vice president of marketing at Securonix.
Online Security Technology Training
Take charge of your security technology training with our online training courses. Train as an individual or implement a companywide program with a Corporate Account.
and
Our courses are suitable for everyone in the security industry. They are available 24/7, making it the most convenient and cost-effective solution for anyone who wants to improve security knowledge or skills. Approved for Continuing Education (CE) by various security associations and government bodies, the courses include:
• CCTV + Digital Video
• IP Networking
• Access Control
• Biometrics Technology
• Fiber Optics
• Basic Electricity
• Wireless Technology
Register today at securitytodayacademy.com
68
Untitled-6 1
3/7/18 12:06 PM
Go to sp.hotims.com and enter 44 for product information.
0918 | SECURITY TODAY
ASSET PROTECTION