When it comes to securing your network against insider threats, security researchers recommend a “mini-max” policy — minimize access where possible and then maximize monitoring of that access for unusual patterns. The goal is to not provide employees with an open door to the entire network by making access a privilege and not a right.
A recent article in CSO magazine describes the importance of using need-to-know access in conjunction with established monitoring policies that can flag things like long-time employees accumulating access that is no longer needed for their job function. This “privilege creep” is a key challenge in preventing insider threats.
“Like all good security, deterring insider threats requires a multi-layered approach. The good news is that it is often the most basic steps that provide the greatest value,” said Geoff Webb, vice president of strategy at Micro Focus. “Being systematic and thorough provides huge benefits…”
Reduce insider threats with Uplogix
Uplogix extends role-based administrative access policies to devices with detailed auditing and reporting for compliance when the network is up, or down. Some of the specific cybersecurity functions that help reduce insider threats include:
- Maintain and enforce AAA (Authentication, Authorization and Accounting) regardless of the state of the network. Under normal circumstances, Uplogix integrates with remote multi-factor authentication mechanisms, such as TACACS and RADIUS, but if connectivity is lost, Uplogix can fail over to other AAA servers before falling back on cached authentication data to maintain authorized access.
- Prevent unauthorized user access by automatically closing idle sessions, eliminating a potential security gap. Uplogix also ensures that the right users have the right access by enforcing granular, role-based permissions. Set up user groups for
- Enable audit and compliance reporting by constantly logging all changes made to managed devices and the results of these changes.
The fact is that, between the malicious and inadvertent insiders who contribute to cybersecurity incidents, you are in far greater danger from those you know. The 2016 Cost of Data Breach Study by the Ponemon Institute found that among 874 incidents, 568 were caused by employee/contractor negligence, 191 by malicious employees and criminals, and 85 by outsiders using stolen credentials. With the average data breach costing about $4 million, you can’t afford not to keep both your enemies and your friends even closer.