Insider threats continue to be one of the largest dangers facing the majority of organisations. These may not always be malicious hackers, but could be careless employees leaking data. Either way, the damage can be extensive and can often go unnoticed meaning by the time it is picked up, the losses to the company are huge.
This is why events such as Insider Threat Awareness Month in the US are so important, as it reminds people that it is crucial for security teams to balance budgetary and business concerns with the need for effective protection.
As the IT ecosystem evolves and at a time where more and more organisations migrate to the cloud, shifting to remote work, and enabling BYOD (bring your own device) policies, defending against insider threats is becoming increasingly challenging. This article will take a closer look at the impact that new working practices are having on data security, how businesses are currently coping, and how they can improve their security posture in order to keep their data safe.
The Cloud Security Conundrum
The rise of the remote workforce and the resulting surge of unmanaged devices syncing corporate data throughout the pandemic have served as catalysts for BYOD adoption. Whilst this adoption has made the lives of employees undoubtedly easier, it has also created a much larger risk in terms of insider threats due to the unmanaged nature of the devices. In a recent Bitglass study, well over half (62%) of respondents said that data leakage/loss was their main security concern when it came to BYOD, followed by users downloading unsafe apps or content (54%), and lost or stolen devices (53%). Given how damaging all forms of these breaches can be, this makes sense.
Unfortunately, it is common for organisations to find it much harder to detect such threats; mainly because their traditional on-premise security tools don’t translate well to the cloud.
As a result, a worrying amount of data is currently exposed to potential theft which would cause significant business disruption. This can include extreme monetary losses related to non-compliance fees, multiple legal disputes, and a downslope in company trust and reputation. Businesses must prioritise having security tools that are capable of mitigating data leakage, no matter where the information goes.
Visibility and Control are Crucial for Effective Security
Interestingly, a significant majority of businesses still find it difficult to assess the real impact of insider attacks, which suggests they lack the levels of cloud visibility and control required to understand when/where data is being stolen. 29% of respondents stated that they have no visibility or control in place for mobile enterprise messaging. As a result, most security professionals are wasting significant amounts of time every day managing numerous unintegrated products that fail to provide the comprehensive, consistent security needed to protect against threats.
BYOD Further Compounding the Issue
As if it weren’t enough, the rise of the remote workforce resulted in a new surge of unmanaged devices joining the corporate network. 49% of those questioned were unsure if any of their BYOD had downloaded malware within the last 12 months. Additionally, half of organisations don’t have any visibility at all into messaging and file sharing apps on personal devices.
This lack of insight makes it incredibly tough to defend against insider attacks which often take advantage of BYOD policies. Notably, 18% of businesses block personal device access altogether, primarily because of the threats posed by such systems.
A New Way of Working Requires a New Approach to Security
In order to thrive in dynamic, cloud-based business environments, businesses need to do much more than simply rely on their old on-premises solutions to keep their data safe. Instead, they must ensure they’re deploying a security solution that is specifically built for the task at hand. Such a platform must enable secure access to web and cloud services, block rampant threats like malware, prohibit data leakage, and enable adherence to compliance frameworks.
Secure access services edge (SASE), pronounced ‘sassy,’ refers to a comprehensive cloud security platform that delivers on this new way of working. SASE integrates cloud access security broker (CASB), zero trust network access (ZTNA), and secure web gateway (SWG) technologies into a flexible platform designed to defend data wherever it goes.
SASE platforms allow enterprises to extend consistent security to all enterprise resources from a single control point. This enables the corporate security team to configure policies that secure Software as a service (SaaS) apps, control access to malicious web destinations, and prevent leakage in on-premises resources without the need for virtual private networks (VPNs). In other words, SASE replaces multiple disjointed point products, delivers significant cost savings, and provides the comprehensive security needed for a remote workforce in a cloud-first world.
As IT ecosystems continue to evolve, so too must the security solutions put in place to protect them. The global pandemic has resulted in millions of more businesses relying on the cloud and remote working to maintain operational efficiency. However, far too many of them have failed to make a similar investment in cloud-based security, leaving sensitive customer data and intellectual property dangerously exposed to insider attacks, as well as numerous external threats. With this new shift in the workforce looking increasingly long term, it’s time to take a closer look on how to avoid becoming the next victim.
By Anurag Kahol, CTO, Bitglass.
Anurag Kahol expedites technology direction and architecture. He was director of engineering in Juniper Networks’ Security Business Unit before co-founding Bitglass. He received a global education, earning an M.S. in computer science from Colorado State University, and a B.S. in computer science from the Motilal Nehru National Institute Of Technology.
