Saturday, September 18, 2021

Insider Threats Giving IT Execs Nightmares

A network engineer at a Kansas City company says he’s just as worried about threats to his company’s network coming from inside the corporate walls as he is about any hacker busting through the perimeter.

“Once you’re already inside that firewall, you’re considered trusted,” says Josh Herr, network engineer at Ladlaw Transit Services, an outsourcing company that handles bus scheduling and routing services. “You’ve always got to worry… We’re in the process of putting firewalls between the front end and the back end of the system to alleviate that concern. The back-end system will have a completely separate firewall network. It will keep people internally from getting through.”

According to a new survey, Herr isn’t alone in his concerns.

Sixty-nine percent of 110 senior executives at Fortune 1,000 companies say they are ‘very concerned’ about insider network attacks or data theft, according to a study by Caymas Systems, a network security technology firm based in San Jose, Calif. And 25 percent say they are so concerned they can’t sleep at night, Sanjay Uppal, a vice president at Caymas Systems, told eSecurityPlanet.

Only 13 percent say they are not worried at all.

And Uppal says if they’re not, they should be.

“I think they should definitely be worried,” he adds. “The people who are not worried just haven’t been hit yet. They have a false sense of security.”

What’s worrying Herr is the number of outside contractors who are on his network. “A lot of [the worry] is about the people who are coming into our network for short periods of time, such as auditors and contractors,” says Herr. “We’re not in charge of those PCs.”

Uppal claims 30 percent of people who come in and work on your average network every day are temporary workers. And that brings up specific threat concerns. But he also says that IT and security administrators should not forget about permanent workers and the havoc they can wreak. After all, who knows better where critical information is stored or what the boss’ password might be, than someone who works in the company?

And if a worker is unhappy about not receiving a bonus or feels slighted for any other reason, she just might be disgruntled enough to want to cause the company some serious damage.

“As we can see in the media more and more, the concept of a company really taking care of its people — that bond is less and less secure,” says Uppal. “If a company doesn’t take care of its people, then the workers won’t have that much loyalty either.”

Security from the Inside

Uppal says insider security threats definitely need to be dealt with… and quickly. But it’s not an easy problem to solve.

“People coming from the outside all come from one place,” he explains. “People on the inside are coming in from many many places — the conference room, their desks, at home on their laptops. It’s actually a problem that’s not all that easy to tackle.”

The first step, according to Uppal, is to rein in the temporary workers and people who are coming in as guests to the company. “Someone might come in for a meeting, find an open jack in a conference room, then plug in, and they’re off and running,” he says. “People should install barriers or hurdles, access controls on the network. The software would scan the laptop and then realize it’s not an authorized machine. It would then ask for a user name and password to distinguish that this person should not be there.”

Uppal also recommends that workers be limited as to what parts of the network they can access. Someone working in production shouldn’t be able to access financials. And someone working in the financial department shouldn’t be able to access personnel records and reviews.

“We hear a lot about viruses or hackers coming in through the perimeter,” Uppal says. “We don’t hear what’s going on inside the network. People don’t want to admit that it’s a problem.”
