By Dhruv Khanna
Since the entire Cyber Security ecosystem is going through a series of attacks from ransomware to malware to insider threats, Small and Medium sized Businesses (SMBs) and Small Offices Home Offices (SOHOs) are increasingly implementing base security controls. But what they are ignoring is addressing the bigger issue i.e. insider threat. While working with a few of our clients in this sector we realized that internal controls are missing in many small businesses and if we go with the history of attacks and challenges, insider threat contributes to approximately 70% of security breaches. Based on our experience working with SMB/SOHO clients, here are some practices that clients can adopt keeping in mind that insider threats are employee driven, deliberated or sometimes unintentional activities that the business is exposed to:
- Monitoring of employees: This is the key in SMB/SOHO segment as employees handle sensitive information from multiple devices. Organizations need to enforce software tools at end-point to monitor & control sensitive information’s misuse.
- Proactive System: Businesses need to have a system that proactively monitors employee activities and behaviors that could impact Company reputation or can cause fraud.
- Preventing Personal Use: We have observed misuse of the organization’s network for many personal activities like use of social media sites, e-commerce, downloading personal content, using office printers for bulk personal work. While an open office culture leads to employee satisfaction, without the right values it can lead to unproductivity if the right tools have not been enforced. It is extremely important to invest in tools that monitor and control use of web-services, print services and account use of business apps and non-business apps during working hours.
- Malware Risks: It is important to stop propagation of malware/ransom-ware, by enforcing a strong application white-listing policy using an end-point tool. This would help clients not only in preventing attacks but also in controlling costs around blocking of unwanted apps getting executed on local end-points, control use of uploads and block usage of unwanted websites.
The above basic controls will help businesses in reducing IT costs across infrastructure, network and other shared services.
We recently did an assessment using our tool with 15 SOHO/SMB clients and the results were interesting:
- 40% of the company’s bandwidth is consumed for personal use
- Businesses have no clue about data theft and IT misuse
- On an average, 2 hours out of 8 hours are lost daily due to unproductive activities
Building a strong policy against insider threat is a must. If we extrapolate this data, global losses caused by Cyber Crime to Global Economy touched $ 400Bn. According to studies, 60% of data security threats arise from data thefts caused by defecting employees within the organization and 90% of today’s sensitive corporate data now resides in laptops, desktops, servers and mobile phones.
The recent Sony hack, Equifax hacks, Deloitte breach and numerous breaches demonstrate that even big companies that make heavy security investments are breached and insiders play an important role. Thus it becomes more critical for SOHOs/SMBs with limited resources to build a robust end user protection model with less investment and complexity.
Dhruv Khanna is CEO, Data Resolve, India’s emerging Cyber Security Product Company