For all the disruption they caused at the time , the hack attacks on TalkTalk , Target , Ashley Madison , and JD Wetherspoon in the latter half of 2015 have focused executives ’ minds on cyber risks like never before . In the aftermath , the brands affected were falling over each other to explain the steps they were taking to ensure they it never happened again . Investments in cyber security – often viewed as an expensive overhead – were suddenly a source of pride ; hitherto onerous data protection regulations became a safe refuge in the face of increasing public scrutiny .
This is very encouraging , but the concern is that their focus is too far-sighted . There is a grave danger that organisations are channelling resources towards mitigating external threats , while neglecting the risks that come from within . The dangers of this became clear in February , when a former employee of Ofcom was caught attempting to pass confidential data to his new employers . That the data was passed to another business and not to a ‘ dark net ’ download site is immaterial – sensitive information was compromised , as a consequence of which Ofcom found itself apologising to the broadcasters and media organisations it ’ s meant to police . Unfortunately , Ofcom ’ s case is by no means isolated .
Like external threats , organisations ’ approaches to mitigating internal risks have been patchy , with overzealousness in some areas masking lassitude elsewhere . Most firms , for example , have rigorous password protocols . However , how many continually adjust and refine employees ’ access to applications and data as their roles change – so people only have access to what their job requires ?
Manage the endpoints , and the risks will manage themselves
This patchwork leads to a confusing mass of information and intelligence - which makes building a clear picture of the organisation ’ s security posture and vulnerabilities difficult and timeconsuming . In a world where data from a stolen device could be somewhere for sale within minutes , the ability to monitor – and act – in real-time is crucial . To put it another way , organisations must build a ‘ single source of truth ’ covering all of their end-points including desktops , laptops , smartphones and tablets .
Mitigating internal threats in this environment revolves around the ability to do three things very well :
1 . Account for the location of employerowned devices - offering flexible working carries with it the implicit trust that employees will safeguard their devices and data . Endpoint security technology can add a further layer of reassurance , by tracking the location of devices and sounding the alarm if they travel outside a given perimeter and allowing action should the device be lost or stolen .
2 . Detect and mitigate suspicious behaviour – as night follows day , attempts to circumvent corporate IT security technologies by an employee ( such as disabling the anti-virus ) are indicators that the user plans to take their device beyond ‘ acceptable use ’. In these circumstances , administrators need to monitor and manage end users and their devices in real-time - which could mean deleting data , disabling the whole device , pushing out updates or turning on encryption .
3 . Provide a thorough audit trail – data is everything when organisations are reassuring staff and customers after a security breach . What is more , regulators increasingly demand it - and compiling a detailed narrative could be essential for both forensic and reputational reasons .
Broader benefits There ’ s more to endpoint security than tracking down errant data and catching out careless staff . The single source of truth on endpoints can start paying for itself almost immediately , in the form of improved IT asset management . Organisations have long been paying for more software licences than they actually need to avoid potential fines . Security tools can be manage that , avoiding unnecessary purchases and easily reallocating the licencing when they are no longer needed .
Intelligence is everything
If there is one lesson from the security breaches of the past year , it is that nobody can consider themselves immune to attack . While external threats are more challenging to mitigate ( as well as generating more column inches ), the actions of staff within the organisation are just as dangerous - whether through deliberate data or device theft , or simple mistakes or ignorance . By building a single source of the truth about the status , location and content of their devices , IT teams will chalk up a quick win for ensuring the unthinkable doesn ’ t happen for some time to come .
Request your demo of data & device security from Absolute at www . securityplusonline . co . uk / absolute