January 23, 2018

Meet The Insiders: Your Biggest Security Threat

If you think the “bad guy” to your organization is wearing a black mask, plays endless rounds of “Call of Duty” and hacks your weak infrastructure for fun and profit, think again. The threat that’s on the radar screens for many in cybersecurity is The Insider:

The student intern

Visiting staff

Volunteers

These “insiders” unwittingly can spawn an attack on your infrastructure. NAHRA says companies “should focus on what data is given to and made accessible to vendors.”

What Can You Do?

Protecting your customer’s sensitive data should be top-of-mind in medical and banking environments, but really, ALL businesses should be alert to these potential threats. Here are some ideas to help you protect your data from your own “insiders:”

Limit Access:

Limiting access to your company’s sensitive data from students, visiting staff or volunteers, should be a no-brainer. Do NOT allow volunteers to use your computers if they’re doing a fund-drive in your office. If they login to their own email, click on a phishing scheme, it could adversely affect your entire network.

Former Employee Protocol:

Fired employees need to have their email accounts, passwords and access immediately wiped. Old lists of employee contact information need to be properly shredded and discarded securely.

Workforce Training:

Reach out to entities like NPI.net for training on how to spot security breach situations before they happen.

Device Disposal:

Make certain your contractors are using up-to-date devices when handling your data. Are they able to login to your portals? If devices are discarded, use Ship-n-Destroy to securely destroy devices and data properly at a fraction of the cost of a data breach.