Insider Threats in India: Is It Time to Focus on Privileged Users?

August 9, 2016
| |
2 min read

What threat do you consider the greatest risk to your data’s security? Would you believe the answer should be your own users?

While you’re busy guarding the perimeter, insiders can cause significant damage and financial loss. According to the “IBM 2016 Cyber Security Intelligence Index,” 60 percent of data breaches are caused by insider threats.

Guarding the Crown Jewels

India’s information technology and business process management (IT-BPM) industry sector continues to be one of the largest employers in the country, directly employing nearly 3.7 million professionals. According to NASSCOM, the industry generated revenues of $143 billion in FY 2016. Any security breach in this sector could damage India’s image as a secure services partner of companies around the world.

With more frequent insider attacks, it is important for organizations to take a closer look at how they manage privileged users. These are individuals with access to an organization’s critical data — the crown jewels to cybercriminals.

Defending Against Insider Threats

Whether they are accessing data in insecure locations, deliberately exposing data or exposing their credentials to outside attackers, privileged users can wreak havoc on the most secure infrastructure. If those privileged users aren’t being properly tracked and monitored, there’s no way of knowing which assets are being compromised.

Below are some tips to help organizations protect against insider threats:

Integrate Privileged User Management Processes With HR Systems

Organizations are in a constant state of flux — projects and initiatives start, finish or are abandoned, which brings in new employees, contractors and suppliers and alters the data stored on different systems. It only gets harder as people change roles or leave over time.

According to a recent survey, when employees leave a company, they frequently take sensitive data with them: About 88 percent of respondents took company strategy documents and/or presentations, 31 percent took customer contact lists and 25 percent took intellectual property.

It is extremely important that users, accounts, roles and privileges are in sync. This means that an organization’s HR systems need to be fully integrated with its privilege management processes.

Use Context-Aware Authentication

Context-aware authentication can protect against intrusion attempts by making it more difficult to compromise privileged users. This is because accounts that require such authentication for logins cannot be accessed remotely unless the attacker can clear context-aware security checks such as user location, network address or the time of day.

Apply Privileged Identity Management (PIM) and Data Security Solutions

Detecting unusual activity around sensitive data by a privileged account is often the first observable indicator of an attack. It is essential to have a data security solution that supports entitlement reporting and can pair with real-time, automated analytics to spot unusual behavior.

Minimizing the Threat

While the threat of data theft and breaches caused by insider threats cannot be completely eliminated in India or elsewhere, it can certainly be minimized with proper planning and considerations discussed above. Organizations can go a long way towards an effective defense against insider threats by managing their privileged users more efficiently.

Read the full research report: Battling security threats from within your organization

Rahul Agarwal
Portfolio Marketing Manager, IBM

Rahul Agarwal is a Portfolio Marketing Manager for Security Services on the IBM Security Marketing team. Rahul has over 12 years of experience in marketing, ...
read more