Your company is most likely aware that data breaches, or the theft of internal information, often come from the inside. Recent numbers suggest that as much as 50% of all data theft comes from internal employees, not the nameless, faceless hackers people often worry about. Most companies spend some time on training to reduce employee negligence, which does account for a percentage of the security problem. However, many large companies haven't addressed something far more insidious - the possibility of data theft by administrators.
Administrator Authority and the Ramifications to Security
System administrators often have complete access. There's a reason for this - your system administrators need to be able to reach any area of the system to respond immediately to issues. There are different levels of authority. Your company should have a protocol in place to monitor employee activity and what each employee has access to in your system. Not every employee will need the same clearance - your system administrator will need access to a great deal of your company data, but a receptionist, for instance, will need very little. It's important that companies put together a set protocol which details the authority employees have, as well as safety measures designed to track what employees are doing. While most people don't want to contemplate the idea that a trusted employee might steal information or otherwise compromise security, percentage-wise, this is the largest threat your IT department faces.
There are a few ways that an employee's administrator authority can damage the company as a whole.
- Downloading Unauthorized Software. Those with administrator access might download programs that aren't authorized on the system. This might be completely innocent. The employee might be downloading a program to streamline their work efficiency. The problem is that some programs can contain malware (one of the most common ways hackers access sensitive information).
- Theft of Confidential Information. Those with broad administrator authority can literally make copies of all internal information. There have been cases where disgruntled employees even gave themselves higher access and copied other passwords to maintain access long after they left the company. The ramifications of this kind of theft are astounding because it can compromise anything and everything - from giving direct competitors access to internal records to compromising every client account.
Developing Protocols for Administrator Authority
There are still a great many companies that have no strategy in place to deal with administrator authority issues. It can't be overstated how costly this mistake can be in the long run - it virtually negates all of the time and effort spent on advanced security software and measures because the internal threats can simply maneuver around them.
Some things your company needs to consider in developing a strategy:
- Limiting Access. There should be a set amount of access given to individual employees based on their responsibilities. To allow for greater access, there needs to be a protocol in place to grant authority and document it.
- Monitoring Employees Through Username/Password. Employees should have individual usernames or a way to identify which person is responsible for a set activity.
- Real Time Monitoring. It isn't enough to monitor and log employee activity - this will only give you a record of what's happened once it's already done. It's important that companies implement real-time strategies to stop activity. This might mean that multiple people need to sign off on access to certain aspects of the database or it might mean a software solution.
The reality today is not exceptionally different from the big business concerns of yesteryear. Before the internet, corporate theft was always an inside job. While there are definitely outside threats to worry about today, the most dangerous problems will still be found inside the walls of the company.