The recent 2014 Verizon Data Breach Investigations Report has revealed that users’ access rights have become a weak point in security policies for a majority of organisations. Specifically, the report reveals that 88% of security incidents were caused by insider misuse.
The issue of insider threats is aggravated by the fact that a breach can take days or even weeks to be discovered; in some cases, years may pass before organisations find out they have been compromised. Ultimately, only 9% of data leaks were discovered due to continuous auditing of IT systems.
Featured Download: CISO Data Breach Guide
In light of this trend, Netwrix believes that monitoring access privileges on a regular basis and protecting systems against insider misuse is more important than ever, regardless of the organization’s size.
To help companies avoid security incidents and their consequences, Netwrix has formulated three key questions that every company should be able answer in the affirmative. Doing so will help them ensure their sensitive data is protected against insider threats.
1. Do you monitor user accounts’ activity regularly?
This is critical for companies where the number of user accounts is changing constantly or where, as a result of internal shifts, user permissions are regularly updated. The risks often hide in the active accounts of former employees and in accounts with redundant permissions. If you monitor changes across the entire IT infrastructure, you have complete visibility into who made a change, as well as when and where the changes were made; therefore, you can track any malicious activity.
2. Do you know your data and who has access to it?
The growing volume of security incidents caused by privilege misuse shows that companies are unaware not only of who has access to the data but also of places where this data is stored, uploaded, and shared. Monitoring your IT infrastructure and tracking changes made to sensitive data will help you to minimise security violations.
3. Are your employees aware that their activity is being monitored?
This practice should definitely be part of any company’s security policy. Publishing anonymous reports and sharing them among employees conveys the point that everybody is responsible for data security, and it forces employees to monitor their actions.
“Even with the understanding of the necessity to protect sensitive data, few companies realise that IT infrastructures should be taken under control. Unfortunately, far less of them track changes and monitor users’ access rights,” said Michael Fimin, CEO and co-founder of Netwrix. “However, having your IT system audited on a regular basis allows you to keep an eye on any malicious changes. Having complete visibility across the entire IT infrastructure not only facilitates investigation in case a security breach occurs, but it also ensures that your sensitive data is under permanent control.”
About Netwrix Corporation
Netwrix Corporation, the #1 provider of change and configuration auditing solutions, delivers complete visibility into who did what, when and where across the entire IT infrastructure. This streamlines compliance, strengthens security and simplifies root cause analysis. Founded in 2006, Netwrix is ranked in the Top 100 US software companies in the Inc. 5000 and Deloitte Technology Fast 500. Netwrix software is used by 160,000 users worldwide. For more information, visit www.netwrix.com.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.