Many people see asset management systems only as ways to protect their company’s electronics and hardware from theft. But current security technology collecting real-time, location-based data is also effective at protecting your company against a range of insider threats.
The need to protect against such threats is unfortunately great. A study from X-Force Research found that nearly 60% of all corporate attacks, totaling nearly 80 million annually in the United States, were carried out by authorized personnel. That includes employees, contractors, and vendors.
According to a separate study by the Ponemon Institute, these insider attacks caused over $43 million in damages in 2016. The top three affected sectors were financial services, manufacturing, and retail, but all economic sectors reported incidents.
Real-time asset management and location systems are effective tools for mitigating damage from internal threats to your company. These systems act as deterrents, rapid response tools, and—most importantly in new, expert opinion—help you identify at-risk personnel before they act against your company.
Varied Internal Threats
There are several, general threats your company could face from insiders.
Intellectual Property Theft
Trade secrets and other proprietary data are unfortunately common targets for theft by corporate insiders.
A recent high-profile example was the joint conviction of former General Motors engineer Shanshan Du and her husband Yu Qin. They were convicted of giving thousands of GM’s proprietary hybrid engine technology design documents to a Chinese competitor.
Disgruntled staff can do significant damage to your business given their access and knowledge of your organization.
Ricky Lee Mitchell was a network engineer at EnerVest, a West Virginia oil and gas company. Mitchell became aware that he was to be terminated before security restricted his physical access. He used that access to enter the company’s data center and cause as much damage as possible.
In federal court proceedings, EnerVest representatives testified that his sabotage caused nearly half a million dollars in lost revenue. And their international operations were compromised for over a month by the incident.
A secondary, but significant, effect of insider attacks is the reputational damage your company might face due to service outages, negative media coverage, and loss of customer trust.
To maintain performance, you need to find the right balance of security and accessibility. Stay accessible, but not at the expense of protecting valuable assets and business processes.
Using Real-Time Asset & Location Systems
Asset and location tracking tools give your business a range of methods to defend against insider threats. Here are recommendations for using real-time data collection features to get the most out of these systems.
Have a Plan
Prioritize protecting your business’s highest value and most exposed assets. These are the targets any attacker will prioritize, and they’re also the ones inside attacks gain the most advantage against.
Also, tailor controls around individual employee access areas. For example, a disgruntled IT staffer will be more capable of damaging your data center, where they know how to find your high-value hardware, than your inventory in a warehouse.
Use Management Systems to Monitor Changes in Behavior
Security experts recommend analyzing employee access patterns to identify risk factors. Real-time location and asset management systems provide a wealth of automated transaction logging to identify unexpected changes in behavior.
Is an engineer now entering your data center on an unexpected schedule? Is an admin assistant repeatedly checking out assets at the end of their shift? Are they regularly clocking in and out at different times without authorization?
The Ponemon study referenced earlier also found that companies using this type of User Behavior Analytics (UBA) saw an average cost reduction of $1.1 million per insider attack, making it the largest incremental cost-saving measure currently available.
Limit Exposure to External Electronic Devices
The risk companies face is great enough just accounting for their own corporate assets. The risk of attack or compromise jumps significantly when your facility and network are exposed to external electronics. For example, through your company’s Bring Your Own Device (BYOD) policy.
Whenever possible, limit your company's exposure to unnecessary personal devices. Each unmanaged device within your security perimeter represents a risk of attack. Asset lockers can aid in device management, and they integrate well with other location and access control systems.
Involve Security Prior to Employee Terminations
The case of Ricky Lee Mitchell should be a warning. IT, Security, and HR teams should coordinate prior to employee terminations and other sensitive HR actions.
Revoking or reassigning employee access to your facility must be precisely timed during these events. This helps prevent damage and even workplace violence by limiting your disgruntled employee’s access to company assets and your other personnel. Centralized security management systems make this coordination easier.
People-centric problems like insider attacks require people-centric solutions. Real-time asset management and location systems are effective tools for mitigating the risk of internal attack. They act as deterrents, rapid response tools, and through data collection, can identify threatening personnel before they can harm your company.
About the Author
Shannon Arnold is the VP of Marketing and Strategic Partnerships at Real Time Networks.