Following the news that a former Expedia IT support employee has plead guilty to using his position to access confidential data and facilitate insider trading, Rui Melo Biscaia, Director of Product Management at Watchful Software commented below.
Rui Melo Biscaia, Director of Product Management at Watchful Software:
“This case demonstrates how much damage malicious insiders can cause, especially when armed with a high level of privilege and little oversight.
“The threat of trusted insiders abusing their positions can be greatly reduced by ensuring that confidential files can only be access by the authorised user themselves. Internal support staff that are able to access other users’ machines should only be able to access files and network areas relevant to their current job, rather than having free reign over information that would normally be highly restricted. Classifying and encrypting all confidential files against unauthorised access will also help protect against external attackers that are able to gain control of a system.
“Expedia should also have immediately revoked all access to their systems as soon as the employee left the organisation. Even if the company device is not returned, a remote kill option would allow them to instantly revoke all access at a moment’s notice.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…