The ways companies risk security in a crisis: internal threats
26.05.2020

Internal threats

Your own employees aren’t less dangerous for business than hackers or external scammers. According to SearchInform, 100% of companies identified the attempts of employees to take corporate data during the first months of using the company’s services. In a crisis, and in marks of panic, the risks only grow.

Firstly, there are organizational and technological risks. To protect employees, companies transfer them to remote work, and do it in a hurry. If an organization does not have experience in this, remote access to corporate resources is configured somehow. For example, if you do not configure VPN and two-factor authentication when connecting, employees from home get connected to CRM or network folders via unencrypted communication channels and attackers can intercept traffic. 

For convenience, some corporate documents are uploaded to public clouds or to personal flash drives of employees. And there is a risk of accidental or intentional leaks.

Not all companies can provide employees with corporate PCs, they have to work from their own devices and not all employees’ PCs are protected at least by antivirus. 

Secondly, the human factor plays a very important role. We’ve already mentioned the tricks of cyber fraudsters, but you have to be prepared that any employee, out of fear or curiosity, can click on a malicious link or respond to fake emails. In addition, in any team there are those who are open to catch fish in troubled waters. These employees will try to carry away everything that isn't nailed down – from paper clips to customer databases – or to perform their fraudulent schemes. The experts predict that the number of leaks and other dishonest actions through the fault of employees in the current crisis will double.

The situation worsens on the free territory outside the office. At home, people generally tend to relax and think less about security. As a maximum, when dishonest employees are out of control they will easily scam. As a minimum, discipline regresses, a lot of distracting factors appear which ultimately affects employees’ productivity and hits employers where it hurts the most – their wallets.

If the crisis progresses, there will be another problem: staff reduction and discontent of those who are forced to leave the job. Such dismissals are dangerous because employees can take sensitive information with them in order to gain respect in a new place, or simply try to revenge - to delete, edit or steal critical data.

How to protect?

•    Protect access to corporate services. Connecting to corporate resources - only through VPN and two-factor authentication.
•    Install employee monitoring solution. For example, time tracker software for employee productivity control or DLP system, that monitors all possible data transfer channels and prevents information leakages, and at the same time reveals signs of corporate fraud such as kickbacks, side-selling schemes, sabotage. 
•    Transfer your employees to remote work with corporate laptops. Let the IT department encrypt hard drives and previously close the ability to change the configuration of software and hardware. And it’s very important to set up corporate cloud backup. An additional plus is that you can install any employee monitoring software on corporate PCs, the main thing is to warn employees that it will be active while working outside the office.
•    Configure terminal access for those who will work on personal devices. In this mode, all work is done on the corporate server; the remote PC only displays information on the screen and allows you to enter data from the keyboard. Corporate files will remain in the corporate environment, and the risk of data leakages is reduced if there are data protection systems on servers, in databases and file storages. 
•    Get help from outsourcers if you don’t have enough hands or resources to ensure full control. Information security outsourcing services suggest that a provider supplies security software and a specialist who works with it. It is faster and cheaper than urgently purchasing hardware and software, especially since in an emergency they may not be available from suppliers. 

Protective measures in a crisis do not differ much from regular ones. At the same time, cyber threats and internal risks always exist. If you immediately build business processes taking into account security requirements and have an action plan in case of force majeure situations with pre-scheduled resources, then even in difficult times you can work without problems. Ultimately, this is exactly what your business needs during a crisis.

Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.