How Do You Manage High Risk Users Within Your Network and Prevent Insider Incidents?

High Risk Users and Insider Threats
With the recent Shopify data breach, now is as good a time as ever to review the access rights of your high risk users.

It was reported this past week that an insider incident occurred at Shopify, one of the world’s largest eCommerce platforms, where two support desk employees exfiltrated sensitive data from their network. This incident should raise an important question for everyone responsible for securing an organizational network – how do you manage high risk users such as these support desk employees and protect your organization from a similar incident? When big names become victims of a data breach perpetrated by an insider, it tends to lead to some self-reflection on your organizational capabilities and practices. High risk users are almost always going to be a risk for organizations, but with the right strategies and tools in place, you can minimize your threat exposure and protect your organization from a damaging data breach.

Identify Your High Risk Users

There are several situations where users in your network can and should be identified as high risk. The first would be your privileged user base. Generally speaking, the more privileges the user can access, the higher the risk. Some users will absolutely need to have the level of privileges that they have – doing their jobs properly will depend on it. But that won’t make them any less of a risk and this is an important fact to keep in mind. In addition, vulnerable users will comprise another segment of your high risk population. These are your users which could potentially be manipulated into giving up information to security threats. While the main worry here could be on attacks/breaches from the outside, don’t discount the possibility of an insider incident with these users either.

Audit Privileged Access on a Regular Basis

In order to manage your privileged users effectively, you’ll need to regularly audit their permissions on a case-by-case basis. The principle of least privilege is the best practice to strive for here. You can also utilize tools that limit access based on the time of day or segmented by role within the organization. Whenever you onboard new employees that need privileged access, ensure that you are following this principle of least privilege and monitor activity appropriately.

Educate Your Employees on the Risks

Your vulnerable users will need to be made aware of the various risks out there and be given effective strategies that are proven to lessen overall organizational risk. Developing and maintaining a robust education program is a solid investment that pays dividends for your organization and has been shown to play a big role in protecting against insider incidents. If your current educational strategy is less than ideal, consider partnering with a company such as ITMG to bring it up to speed.

Contact ITMG to Assess Your Current Capabilities and Develop Strategies and Protocols Designed to Help Your Company Mitigate Your Insider Risk

ITMG is an industry leader in helping organizations throughout the United States strengthen their insider risk management programs and secure sensitive data and intellectual property. Our team of bona fide experts has the real-world experience necessary to plan out and create holistic security solutions tailored to the special needs and risks in your industry. Contact ITMG today to learn more about how we can help! You can also visit our FacebookTwitter, and LinkedIn pages for more updates and insights into the world of insider risk management.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading