MSPs: Are You Prepared to Handle the Insider Threat?
As cloud computing continues to transform how business is being conducted, a lot of attention has been paid by managed service providers (MSPs) to external and technical security threats. Almost all cloud-based file sharing systems have very powerful security features. You can hardly find an MSP who does not offer two-step authentication, robust encryption and periodic data backups. After all, no company will even bother knocking on your doors if you cannot convince them their data will be in safe hands.
But while technical security features and jargon might instill a measure of trust in your customers, have you really considered the threat your own organization might pose to your service?
A well-motivated workforce has the potential to transform a business landscape for the better and drive an organization to success. But, it only takes one disgruntled employee to send your company back to square one.
In their study, The Notorious Nine: Cloud Computing Top Threats in 2013, the Cloud Security Alliance (CSA) declared malicious insiders to be among the greatest threats that cloud-based service providers can face.
But, who qualifies as a malicious insider? From the report:
"A malicious insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization's information or information systems."
Essentially, any person within your organization who can hurt your company by furthering their own self-interest is a malicious insider. This may be a disgruntled employee who was laid off, a person who intends to make a quick buck by selling your secrets to interested parties, or someone who unwittingly opens your system or data to potential harm.
Another study by Vormetric revealed that insider threats are becoming ever more pronounced. Their report, ESG Insider Threat Survey, 2013, drew on findings from Fortune 1000 companies and revealed that 54 percent of executives in large and mid-sized enterprises believe it is difficult to detect and prevent insider attacks today.
While this is a troubling matter for any business, it is doubly so for an MSP offering a cloud-based file sharing service. Remember, many businesses trust you with a lot of valuable information. Losing it or having it stolen can very easily sink your company.
There is no magic bullet solution out there which can help you stay ahead of people with malicious intent. However, this does not mean you are at a complete disadvantage. As ZoneFox, a service providing endpoint monitoring and threat detection, says, “A rogue insider will generally go through a series of clearly identifiable steps in order to successfully steal commercially valuable and sensitive data from the organization concerned.”
This is good news for you. It means that you can identify developing trends and take steps to ensure that your data does not fall prey to theft.
Vormetric suggests organizations should adopt the principle of least privilege, where access to sensitive data should be limited to IT administrators, and only for the time needed to complete the work. You should also consider using time-tested encryption technologies for sensitive data to ensure no breaches occur.
Zero-knowledge privacy standards, where a user's files are encrypted on their own machine before being uploaded, can also be used to ensure only the user has access to unencrypted files. This can almost guarantee no one in your company can access or tamper with them.
Finally, sensitive data usage and access should be continuously monitored to ensure that it is not being abused in any way.
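One way to tie the time-limited access recommendation to the monitoring recommendation, as an added example that is not from the original article or from Vormetric or ZoneFox: check every logged access to sensitive data against the window in which that access was approved. The grant table, the log format and all names below are constructed assumptions.

```python
"""Flag sensitive-data accesses not covered by a time-limited grant."""
from collections import namedtuple
from datetime import datetime

Grant = namedtuple("Grant", "user resource start end")

# Constructed sample data: approved access windows (hypothetical export).
GRANTS = [
    Grant("alice", "customer-db", datetime(2024, 3, 1, 9), datetime(2024, 3, 1, 11)),
    Grant("bob", "backup-vault", datetime(2024, 3, 1, 14), datetime(2024, 3, 1, 15)),
]

# Constructed access log, format assumed: "<timestamp> <user> <action> <resource>"
LOG = """\
2024-03-01T09:30:00 alice read customer-db
2024-03-01T11:45:00 alice read customer-db
2024-03-01T14:10:00 bob read backup-vault
2024-03-01T14:20:00 bob read customer-db
2024-03-01T22:05:00 carol export customer-db
this line is malformed
"""

def classify(ts, user, resource, grants):
    """Return None when a grant covers the access, else the reason it does not."""
    mine = [g for g in grants if g.user == user]
    if not mine:
        return "no-grant-for-user"
    scoped = [g for g in mine if g.resource == resource]
    if not scoped:
        return "resource-not-granted"
    if any(g.start <= ts <= g.end for g in scoped):
        return None
    return "outside-grant-window"

def audit(log_text, grants):
    """Return (line_no, user, resource, reason) for every uncovered access."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        try:
            stamp, user, _action, resource = line.split()
            ts = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            # Unparseable lines are reported, not skipped: gaps hide activity.
            findings.append((n, None, None, "unparseable-line"))
            continue
        reason = classify(ts, user, resource, grants)
        if reason:
            findings.append((n, user, resource, reason))
    return findings
```

Calling `audit(LOG, GRANTS)` on the sample data reports four findings: an access after the approved window closed, an access to a resource the administrator was never granted, an access by a user with no grant at all, and the malformed line.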