Insider Threat at The Age of No Perimeter

Traditional IT security defenses such as antivirus, backup, and firewalls are fairly effective for protecting companies against cyber attacks coming from the ‘outside’, and they definitely have a role to play in securing the perimeter of your clients’ networks. Your clients, however, are neither castles nor fortresses that can be completely sealed off.

Valuable data including personnel records, pending sales, product designs, and backup files are the lifeblood companies, which is why file activity monitoring and data leakage protection is a critical piece of the overall IT puzzle. Unfortunately, it’s also a piece which is often left missing when businesses fail to see what’s happening right under their noses and actively ignore the growing risk of insider threats.

File protection requires looking behind the perimeter

Tools focused on perimeter defense simply aren’t effective at defending against insider threats. It’s not enough to block unauthorized access to your clients’ systems – you also need to prevent the problems caused by authorized users doing things they shouldn’t. Setting and updating user and group permissions on files and folders, both on desktop workstations and servers is necessary for basic security within the network, but those permissions alone fail to provide any protection when an authorized user can use their valid read permissions to copy data to a USB thumb drive or Google Doc. They’re also powerless to prevent a user from emailing an Excel file to an outside (and unauthorized) party containing sensitive or privileged information

Permissions can’t protect you from data leakage

 Furthermore, permissions can only be applied to existing files and folders. Even if you’ve set up those permissions to be inherited by new files and subfolders, that inheritance only applies to new files and subfolders created inside those already existing folders. Therefore, files created by exporting sensitive data from a business application like your ERP or CRM systems would be unprotected since the user can choose that file to be exported into a folder without strict permissions. Consider an example of a sales manager exporting a spreadsheet from your ERP containing a list of customer accounts and credit card details into their “Documents” folder, or a shared drive on the network which is world-readable for convenience.

In either case, you wouldn’t even know that file existed unless you were looking for it and knew how to identify it as a file containing sensitive information. If you don’t know that file exists, there’s no way for you to protect it or monitor who views or modifies it.

You also would never know if that file was emailed to someone outside the company, transferred over an insecure protocol like FTP, saved to a company or personal laptop which was then stolen, or copied onto an external hard drive or USB stick which an employee then took home. In order to track and control sensitive and privileged company secrets, you need to monitor and control the files which contain those secrets, and this must be done over the entire lifetime of the file from the moment of its creation all the way through every edit, view, copy and rename. Only then can you meet the challenge of data leakage from inside threats like user mistakes and industrial espionage.

Only robust file protection can stop data leakage from the inside

This file-centric approach to data protection is at the heart of Actifile. By automatically classifying and tagging all files the moment they are created – whether exported from business applications or created within protected folders – they can be tracked over their entire lifetime. Since the tracking works by attaching code to the file itself, any time someone tries to email that file as an attachment, print it, copy it to a portable drive, or upload it to an outside server, that activity is immediately detected and stopped, with the appropriate people notified immediately.

Since this classifying, tagging and monitoring of files containing sensitive information is automatic and requires little human input, managed service providers can monitor the file activity of all their customers all at once, with a dashboard providing a “single pane of glass” into your entire customer base.

Where are the opportunities for data leakage in your customer’s networks? Our free risk analysis survey tool can show you where the holes are and how our file protection solution can safeguard your customers’ sensitive data. Data leakage from the inside is embarrassing and damaging to you client’s brand, opening the door to regulatory fines and lost customer trust.