Most data breaches can be blamed on negligent employees failing to keep sensitive corporate data secure, according to a recent report from research firm Forrester. At the 7,000 organizations surveyed, just 25% of the data breaches they’d experienced were blamed on external attacks.
The remaining 75% were caused by employees and other insiders – and most often due to their negligence or failure to follow policies. The most common causes of those data breaches were:
- Laptops, smartphones or other computing devices lost by employees (31%)
- Inadvertent misuse of sensitive information (27%), and
- Intentional theft of data by employees (12%)
As those numbers show, IT pros could prevent many data breaches by directing more attention to finding and eliminating the threats that exist in the company’s own workforce. Here are the most common types of insider threats to watch out for – and what IT can do about them:
1. Negligent employees
As Forrester’s report shows, negligent employees are the most common security threat IT departments face. Often, data is leaked because those people fail to follow IT’s security policies. And the threat is only becoming more common because employees are carrying more information around on mobile devices.
Requiring those devices to be equipped with encryption and other security tools is key to keeping data locked down. Also, IT should be careful to only give employees as much access to data as they need to do their jobs.
2. Malicious insiders
Insiders who knowingly steal data or cause other problems may not be as common as negligent employees, but they can do a lot of damage. Malicious insiders might steal confidential information to sell to competitors, use financial data to commit fraud, or carry out other costly crimes.
IT staff should work with other departments to determine who has access to a lot of sensitive data. That way, those department managers can make sure they’re conducting background checks accordingly. And again, keeping access privileges to a minimum is key for lowering the risk.
IT must also protect against recently terminated employees that could still have access to data. Those people may include fired workers who sabotage networks or data for revenge, or an employee who took a job at a competitor and steals trade secrets to take with them.
To prevent that, IT should be in communication with HR to know when employees leave the company so their access rights can be terminated immediately.
4. IT staffers
IT managers don’t just need to worry about the potential security risks lurking in other parts of the company – there’s also a chance the IT department may have insider threats of its own. Tech staffers often have access to the most data in the company. And in fact, 20% of IT pros have admitted to snooping on sensitive data, including the CEO’s private information.
That’s why IT managers should conduct thorough background checks on their own hires and watch out for suspicious behavior from their direct reports.
5. Business partners
In addition to their own employees, companies must be careful about the employees of any cloud computing provider or other business partner they work with. Those people are out of the organization’s watch, yet often have significant access to the company’s data.
When contracting with a third party, companies should ask about the vendor’s security policies and background check protocol to make sure the proper standards are in place.