During our current situation, it is essential to revisit your data protection and security strategy. Attackers are taking advantage of the pandemic vulnerability businesses are currently facing. To fight back, you can use new techniques developed to address the external and insider threats when your data is being threatened.
With the new norm of employees accessing all types of applications in the cloud, there is no longer a viable security perimeter that organizations can protect.
But threats do not just come from outside the organization. There are many types of internal threats, malicious and innocent alike. Employees’ inadvertent misuse of data is responsible for 36 percent of data breaches, according to a Forrester report and according to BPI Network, 61 percent of workers have accidentally sent information to the wrong person.
To address risks, you must first understand the different types of risks. In this article we will touch on the different risks that your business may face. From there, you can come at your data protection plan from a new angle.
The Inside Scoop of Insider Threats
The term “insider threat” is an extremely broad phrase. In reality, it includes multiple categories, including external threats which leverage insider access. Typical insider threat categories include:
Accidental Misuse: In this scenario the insider does not do anything malicious but makes a mistake which results in data loss.
- For example, a customer service rep could respond to an email sent by a customer which includes private account information. It is not like the rep was trying to violate policy, but they did not take the time to look at the message and clear out any private data.
Tricked into Unwanted Actions: Employees are human and can be duped into doing the wrong thing. Phishing is a great example. Or providing access to a folder, based on a call from someone impersonating an employee. Again, the insider is not malicious, but it can still cause a breach.
Malicious Misuse: Sometimes you need to deal with the reality of a malicious insider intentionally stealing data. In the first two categories above, the insider is not trying to mask their behavior but in this scenario, they are deliberately misusing data. This means you need different tactics to detect and prevent their activity.
Account Takeover: This category reflects the fact that once an external enemy has presence on a device, they become an ‘insider.’ With a compromised device and account, they have access to critical data.
Mature organizations have well-defined incident response plans and procedures for common security events, such as malware outbreaks; however, few organizations have dedicated efforts to better understand how to mitigate and respond to insider threats.
Building a Data Protection Response Plan for Insider Threats
According to Gartner’s report on How to Build Incident Response Scenarios for Insider Threats, by 2023, 60 percent of large enterprise organizations will have well-defined incident response scenarios for insider threats, which is a major increase from fewer than 20 percent today.
Chief Information Security Officers interested in improving their data protection management programs to look for insider threats should:
- Invest in employee-monitoring and surveillance capabilities, especially for sensitive access to critical data in the organization.
- Build profiles and personas to develop incident response scenarios that define unusual user activities that could be indicators of an incident.
- Examine past insider threat incidents and use these scenarios to test and refine incident response readiness through scenario planning or tabletop exercises.
Protect your Unstructured Data
In addition to protecting data from internal threats, unstructured data poses a unique set of security challenges.
Many times, the main focus of an enterprise’s security efforts is on their structured data. This is data that resides in a fixed field within a record or file. Examples of structured data would include data within a database or spreadsheet.
It is time to turn the spotlight on unstructured data. According to CSO Online, unstructured data accounts for 80 percent of an organization’s data, yet it is the least controlled. It is also the fastest growing type of data. According to Forbes, it is expected to account for 93 percent of data in the digital universe in 2022.
It can be difficult to manage this ubiquitous type of data as it flows widely across documents and formats, both internally and externally.
Building a Data Protection Response Plan for Unstructured Data
When building your new and improved data protection plan, an effective way to address unstructured data threats is to protect all of your organization’s data by default. Create a virtual safe zone where anything in the zone, files or devices, is secured and only applications and computers that are in the zone’s approved list would have access to the contents.
Another route to take would be allowing an administrator or executive to selectively pick which items to remove from the protected area. This approach is based on a Zero Trust concept, a phrase coined by Forrester Research, which assumes that all data is at risk from internal and external threats.
This is a completely new approach to handling data protection. Today, security professionals pick and choose what to protect. Unfortunately, with data being copied from one file to another and the free flow of data entering and leaving an organization, it is virtually impossible to manage and secure all of this in a one-off manner.
Another benefit of this approach is that it doesn’t require user participation like traditional security approaches do. The reality is that if something is hard to do, or even if it requires an additional step, people will find a way to work around it. By securing everything seamlessly, you are ensuring adoption and compliance.
How Compliance Impacts Data Protection
As organizations overcome challenges to approach data protection differently, many are also required to comply with strict compliance certifications. Healthcare institutions adhere to HIPAA and HITRUST. While payment providers and financial organizations must ensure compliance with PCI DSS, and so on.
These compliance regulations require data to be secured through encryption. Traditional means of encryptions are completed by only encrypting files in transit, then decrypting them while they are in use. The problem here is that the files are exposed and vulnerable to attacks during times they are in use.
Thankfully, new technology helps to ensure that files are always encrypted – at rest, in-transit, and in-use. They can be sent via email and stored in the cloud. When used in a combination with a policy that protects all data by default, it provides a secure solution that enables organizations to comply with regulations.
Why Data Protection Planning is Important
Now more than ever, data protection and business continuity planning are critical. Safeguarding important information from corruption, compromise, or loss is essential.
The importance of data protection increases alongside the amount of data your organization creates and stores. With little tolerance for downtime, a large part of data protection is ensuring that your data can be restored quickly after an incident.
The term data protection is used to describe both the operational backup of data and business continuity and disaster recovery. Data protection strategies are evolving along two lines: data availability and data management.
Modern data protection for primary storage involves using a built-in system that supplements or replaces backups and protects against potential problems.
The LightEdge Approach to Data Protection
Insider threats in cybersecurity are one of the top concerns that businesses are facing today. Whether that threat is due to ignorance, negligence or is made with malicious intent, use this information and LightEdge’s secure services to protect your organization.
LightEdge is committed to keeping your data safe, secure, and compliant. LightEdge offers a comprehensive product portfolio to ensure complete protection and uninterrupted performance of IT operations and mission-critical systems in the event of a disaster.
LightEdge is your trusted partner delivering fully integrated data protection, disaster recovery services, and workplace recovery facilities to ensure your business is always fully covered and operational and meets required compliance standards.
Our owned and operated facilities, integrated disaster recovery solutions, and premium cloud choices make up a true Hybrid Solution Center model. LightEdge’s highly-interconnected data center facilities span to Des Moines, IA, Kansas City, MO, Omaha, NE, Austin, TX and Raleigh, NC.
Each of our LightEdge facilities strive to deliver more than traditional data centers. We have created true Hybrid Solution Centers designed to offer a complete portfolio of high speed, secure, redundant, local cloud services and managed gateways to public clouds through our hardened facilities.
Want to learn more about LightEdge’s security, disaster recovery and data protection and business continuity services? Contact one of our security and compliance experts to get started or to schedule your private tour of any of our data center facilities. We have disaster recovery, colocation, and business continuity experts standing by to answer any of your questions.
Related Whitepaper:
- Cyberattack Threat and Prevention
- Patient Privacy & Data Security: Utilizing IT Vendors to Meet HIPAA Compliance
- How to Tech Guide: Encryption for Data Security
Related Posts:
- Business Continuity Checklist: 8 Boxes To Check During COVID-19
- Security For Remote Workers: A COVID-19 Crisis Planning Guide
- COVID-19 Crisis Is Putting CIO’s Business Continuity Plans To The Test
- Why Insider Threats Are the Biggest Danger to Your Data
- Here’s How To Develop A Cybersecurity Recovery Plan·
- What Are Effective Information Security Policies For The Banking Industry?
- How to Develop an Effective Cybersecurity Recovery Plan
- Balancing Data Breach Prevention and Response Planning
- 6 Ways to Noticeably Heighten Healthcare Data Security
