November 7, 2019

The Insider Threat – WST

We are often asked why some internal security controls are needed like blocking USB thumb drive access, public webmail like Gmail, and file sharing websites.  Some statements we have heard when we demonstrate access to sensitive data that COULD be accessed and taken by employees:

  • “Our users wouldn’t know how do that.
  • “I know everyone at the company personally and they wouldn’t do that.”
  • “We wouldn’t have hired them if we didn’t trust them.”

The reality is you never know who or when a trusted person is going to act maliciously and do things they may have never done before.  With the ability to use a USB drive or upload to a cloud storage site, users can steal any internal data they can access.  File share access controls are an important control to limit employee access to only what they need to perform their duties.

Not all insider threats are due to a malicious employee.  If someone plugs in a USB thumb drive that they found in the parking lot and you lack controls to block such access, you are up for a bad day.  So, keep those internal controls in place and understand there is more than one reason to do so.

Past Weekly Security Tips – WST