Every organization worries about insider threats and insider attacks, and with good reason. Enterprise security surveys over the last decade have consistently shown between 50% and 60% of reported thefts and other losses annually have originating internally.
This is concerning as many organizations usually have asset management systems built to protect their high value electronics, tools, and other materials from external attack. However, with proper planning and intelligent use, electronic locker systems can be powerful tools for protecting against insider threats as well.
Here are three types of insider threats that your security team needs to be aware of, and ways that the latest asset management solutions can help protect against them.
1) Intellectual Property Theft
While data breaches perpetrated by external hackers have made most of the headlines in recent years, IP theft carried out by insiders is more costly to remediate on average. Unlike with external attacks where hackers usually just scoop as much data as possible, insiders know how to target the most vulnerable and most valuable assets.
New research from the Ponemon Institute found that the average incident remediation costs per inside attack were $513,290 in 2017. That same report also found that these attacks are on the rise. Since 2016 the rate of reported insider data thefts has almost tripled.
What Asset Management Tools Can Do: Limit the Exposure of Your Electronic Devices
Secure your sensitive electronics in smart lockers so they’re only active—and therefore vulnerable—when an authorized user removes them. Lockers automatically record all of these transactions so you know exactly which personnel accessed which assets and when. This can aid both compliance efforts and investigations if theft does occur.
You could also use an asset locker to secure your employees’ BYOD (Bring Your Own Device) electronics outside of sensitive areas. Almost every mobile device has a camera and A/V recording capabilities, which means they can be used to capture and record information with your facility, from employee conversations, or from computer screens.
Disgruntled employees can do a considerable amount of material damage using their institutional knowledge.
The specific target varies by industry: Electric utilities deliver power over a physical network that includes many key hubs, like generating facilities and substations, which are often in hard to secure locations. Pharmaceutical manufacturers often utilizes very expensive reagents and drug precursor mixtures, which are stored in easily movable containers, and are also very costly and time-intensive to produce. Virtually every asset in law enforcement is high value, from the motor pool, to firearms, to evidence in lockers.
But what doesn’t vary are attackers’ motive. They’re always going to look for the highest value and most vulnerable assets, whose lose can damage you the most.
What Asset Management Tools Can Do: Monitor for Changes in Employee Behavior
If the assets you care about are secured using access control or key control systems you can analyze the transaction logs they generate for changes in employee transaction patterns. Has a technician unexpectedly started swiping into the data center at the end of the night shift, every single night? Is an administrative assistant signing out the petty cash key at lunch every day?
Many control systems can also be configured to issue alerts for missed returns or repeated unauthorized access attempts on critical assets.
In fact, another study from the Ponemon Institute found that this kind of user behavior analysis was the most effective incremental cost-savings measure for mitigating insider attack damages.
3) Reputational Damage
Beyond the tangible damage that insider attacks can cause, there’s also the damage to reputation that you face from negative news or social media coverage of those attacks. Over the long term this can often be more damaging than short term material losses in productivity or in remediation costs, as investors withdraw funding or customers look elsewhere for services.
What Asset Management Tools Can Do: Secure Your Personnel as Well as Your Assets
When it comes to insider threats, the security of your assets is only as good as the access rights you have in place. If a disgruntled employee has access to every facility key and is determined to walk out the door with all of them when they quit, your keys were never really secure in the first place.
While monitoring for changes in behavior is critically important here as well, you need to have processes in place to make rapid changes as soon as threats are detected. This could mean improving communication channels between security and IT, or directly with supervisors and HR. You need to be able to rapidly change employee access rights when terminations are eminent, or better yet, modify your reporting and monitoring when disciplinary action takes place, before a disgruntled employee can become a threat.
The Bottom Line
The biggest takeaway for planning your security program is knowing that insider attacks have more to do with the ‘insider’ than the actual ‘attack.’ They’re people-centric problems that require people-centric security solutions. Deterrence, rapid response, and thorough data collection are your greatest tools to leverage here. All of which are security actions made stronger using real-time asset security and positioning tools.
Learn how asset and location management technology can protect your company from insider attacks.
About the Author
Jay Palter, VP of Marketing