Why it's back to school for infosec professionals

I’ve previously written about the increased cybersecurity risk that comes with a larger percentage of staff working remotely. The Coronavirus could now throw another curveball at stretched security teams trying to keep on the right side of compliance. And, with children heading back to full-time education, here's why security professionals may need to go back to school too.

We all know about the dangers of insider threats. Well trained and vigilant staff can be one of your best weapons against hackers and fraudsters. Sadly, they can all too often be the source of data breaches too. It’s a sobering fact that 90% of UK data breaches last year were caused by human error.

Whilst many of these breaches are accidental, it’s very hard to anticipate or stop a malicious data breach from a member of your team. Now, with the UK furlough scheme winding down, widescale redundancy programmes are being rolled out. Businesses must be even more aware of insider threats and take necessary action to reduce this type of digital risk. Organisations can take some simple, practical steps which are easy to implement and will reduce the risk of insider threats.

All aboard the train!

There’s never a bad time to make sure employee cybersecurity awareness training is up to date. This goes staff protecting data where leavers are concerned and for returning staff; who may be a little rusty.

  • Coronavirus has led to a spike in scams and attacks so there has never been a better time to do it.
  • Training that isn’t linked to revenue-building activities is allowed under the furlough scheme – so it can be done ahead of staff return.
  • As a result, your staff will be more aware of the consequences of deliberately sharing or deleting data.
  • I’ve been doing some refresher training myself recently -courtesy of Ninjio. It’s bang up to date, highlighting pandemic related issues, engaging and thought-provoking.

Make sure you have collected all your personal belongings

Sadly, redundancies are inevitable for some businesses as a result of Covid-19’s devastating impact on the economy. Offboarding is never easy, but it’s important to get it right from a data protection standpoint.

  • Make sure you have an up-to-date audit of devices and application access, so you know which accounts to close or transfer and which devices need to be returned.
  • Ensure devices are backed up and have find-me and remote disabling activated in case you are unable to have a face-to-face handover. Avoid posting or shipping devices that contain data at all costs.
  • Change passwords on any applications where there is shared access – especially social media or data storage accounts.
  • If you’re using a password manager application, your staff may need an opportunity to download or transfer any passwords they have for personal applications. It may be safer to do this under supervision.
  • GDPR compliance aims to protect personal information, but digital risk isn't limited to this kind of data. Loss of intellectual property can be just as devastating. So, clarify any circumstances where an employee can take a copy of the information. According to Verizon, over 70% of workers admit to taking intellectual property when they resign. In many cases, this will simply be to provide examples of work for a personal portfolio. Have a clear policy on any content that can be used in this way and an agreement in place to cover misuse.
  • If you decide to let a leaver continue using their laptop or phone for job hunting, make sure the device is wiped first and agree on a date when it should be returned.
  • If you're offloading older devices, it's worth remembering that it's possible to jailbreak most phones, including any Apple iPhones which predate the iPhone 11 model. Ideally, you should encrypt device held data before wiping devices to an extra layer of protection. 
  • For employees that have access to all your ‘crown jewels’, you should consider using a Privileged Account Management (PAM) application, which can smooth and secure offboarding for anyone with admin or super-user rights to your systems.

Keeping data privacy on track

The truth is, if you have to let a member of staff go who bears a grudge, they may well have helped themselves to useful or valuable data already. That’s why monitoring for data outside of your network is crucial to reducing digital risk.

  • Watermark your digital documents so that you can easily identify posted documents that originated from your organisation.
  • Add synthetic IDs (seeded records) to your data sets so you can instantly tell if someone is using your data without permission or sharing it.
  • Use a surface, deep, and Dark Web monitoring service to check for data breaches on an ongoing basis.

In short, use education to reduce the chances of data breaches coming from your staff. Make sure leavers are handled sensitively and effectively to prevent data loss and keep looking outside for your data so that you know as soon as it appears anywhere it shouldn’t.

Digital risk protection

Posted by Justine Siebke

 

Have your say...