system — 2013-07-18T02:35:15-04:00 — #1
Did you know that internal employees are even bigger threat for your data? Almost 1/3 of the information is breached by the internal employees of the company incidentally or deliberately. How can it be stopped? Any suggestion?
alek_mochahost — 2013-07-18T11:37:02-04:00 — #2
Being careful who you give permissions is a start. Depends on the business you have. Don't give 100% access not even to the highest standing admin and avoid giving sensitive information about clients to anyone that doesn't absolutely necessarily need it. Do backups of all data on external hard drives and have them with you!
I know of a company that got tricked by its chief developer. The guy had a 20% share in the company and still deleted core files on the servers, stole the database, including the clients and opened his own company one month later.
hamiltondist — 2013-07-18T22:00:16-04:00 — #3
They can be the ideal spies of competing companies. I say whoever is under your employ you should give them less than 50% accessibility to all of your business functions. Don't give them the access to your highly sensitive files or printed documents. Just like what Donald Trump had said, "Work with them, but don't trust them."
system — 2013-07-19T06:56:01-04:00 — #4
yes, of course, that is the reason never give your employees even the administrator, the 100% access to your personal and confidential information.
alexhooper — 2013-07-20T02:39:37-04:00 — #5
you can monitor all the activity of employee computer system by using proxy monitoring software that create logs of all data transfer activity in particular system.
ziggyjustice — 2013-07-23T17:41:49-04:00 — #6
I'm going to speak from the network administrator perspective.
- Controlling physical access to equipment is priority one. If they can't touch it, compromising security becomes increasingly more difficult and easier to track on your IDS.
- USE AN INTRUSION DETECTION SYSTEM (IDS). Preferably the most active you can afford.
- Disallow the use of workstations outside of regular shifts. You can do this by policy and through user configuration.
- Maintain a policy of giving only enough access to each employee so they can accomplish their job.
- If possible within each work-group divide responsibilities so that no one has access to all of the files on a project.
- Separate your internal network (servers, NAS, domain controllers), from your work-station network using a router and very selective ACLs. Preferably your internal network should have it's own VLAN(s) as well to further segment access.
- Maintain a robust NAS, mandate its use. Files left on workstations are a liability. Web 2.0 is your friend this time.
- Backups, backups, backups. They may think they have bombed your servers, or deleted/altered an important file. But last night's backups ensure you only lost a days work. Insufficient backups may trigger a "career altering event", and it won't be the happy kind.