Insider threats from homeworking
Remote working has become an essential component of the digital workplace, allowing companies to ensure business continuity and employee safety during times of increased volatility. As technical solutions for remote connectivity such as video conferencing, file-sharing services and customer database access are expanded upon in order to make sure employees have access to their familiar resources, addressing the potential security risks that follow has become an essential task for all companies.
Insider threat is quickly becoming one of the largest threat factors as remote working becomes a part of the new normal, testing the limits and usability of companies’ current technical controls, security policies and staff training plans. Insider threat is when an employee either intentionally or unintentionally causes harm to a company’s data, assets and employees. It can be an employee which unknowingly is compromised, allowing malicious outside actors access to sensitive data or a former manager trying to bring data containing intellectual property over to his new company.
Contact us
Anders Greve
Head of Big Data and Cyber security
Hans Benedict Ahlefeldt-Laurvig
Service Sales Consultant
Hypothetical Scenarios
A banking employee handling customer data from office premises, now does so from home. He is given more access by oversight mistake and gets full overview of all the customers in the region. His wife who works as a hairdresser but has lost her business recently and they have had trouble paying the mortgage. he decided to copy the information and transfers it to his home computer and sells it on the black market for bitcoin.
A senior manager working at pharmaceutical irritated at working on the slow workstation so she uses her son’s gaming PC to work on. She uses work credentials to get access to SharePoint. Suddenly, an unknown keylogger logs user and password. This data is sold to a malicious company, which during the weekend extracts all IP’s and confidential data regarding the new medicine, in order to make counterfeit.
Solutions
Atos offers a comprehensive solution in dealing with insider threats arising from remote connectivity. Our 3-part solution offers a comprehensive and bespoke assessment service that allows you to identify and assess your company’s risks, vulnerabilities and the maturity of your current security controls with our Cyber Security Maturity Assessment.
With your risks and vulnerabilities identified, Atos will be able to offer a full suite of mitigation solutions tailored specifically around your risks, industry and size. This not only entails well-proven and robust technical solutions such as endpoint protection solutions, data loss prevention and user behavior analytics, but also in-depth staff training programs, managerial consulting and IT-systems architecture review.
Mitigation is possible by 3 phases
With mitigation solutions implemented, Atos will be able to offer continued technical support, periodical reviews and threat monitoring in order to ensure that you will not only be protected today, but also in the future. Atos is there every step of the way, addressing your insider threat security needs from the strategic level to the operational, throughout the entire lifecycle.
Phase 1: Identify
Phase 2: Mitigate