
Friday, 25 November 2016

How do we counter threats to information / cyber security caused by "insiders" ("our own" people)? Part 6


Combating the Insider Threat
© 2015 Lancope, Inc.

Table of Contents

Chapter One
WHO IS ATTACKING YOUR NETWORK?
Chapter Two
INSIDER THREAT MOTIVES AND METHODS
Chapter Three
DETERRING INSIDER THREATS WITH TECHNOLOGY
Chapter Four
USING NETWORK LOGS TO THWART INSIDER THREATS
Chapter Five
BEYOND TECHNOLOGY
Chapter Six
SUMMARY & TOP 10 WAYS TO COMBAT INSIDER THREATS

Chapter Six

Summary & Top 10 ways to combat insider threats

In conclusion, it is critical to recognize that insider threats come in different forms, and technologies that stop one type of insider attack may not necessarily be effective against others. Nonetheless, it is important to adopt a comprehensive range of solutions such as access control and encryption technologies, which can play a big role in deterring insider attacks.

And don’t forget about the use of network logs, particularly NetFlow, for continuously monitoring user activity. Advanced technologies can take the capabilities of NetFlow even further by providing additional security context and helping organizations make sense of the plethora of data available on the network.

In the end, however, insider threat prevention is about more than just technology. Other key groups within the organization, including HR, Management and Legal, for example, also need to join IT in the fight against insider threats.

Please refer to the following Top 10 List for a comprehensive recap of insider threat prevention methods.

Top 10 Ways to Combat Insider Threats

1. First and foremost, it is important that your company conducts thorough background checks before hiring employees, contractors or third-party vendors.
2. Once employees are hired and given access to sensitive systems, establishing appropriate checks and balances for access to confidential data is key.
3. Thorough measures must also be taken to revoke previous employee and contractor access to your company’s systems.
4. Understand the different types and characteristics of insider threats – negligent, malicious and compromised – so that you can better detect and protect against them.
5. Remember that access controls can serve as a key deterrent for both negligent and malicious insiders.
6. Additionally, encryption of data at rest is crucial for minimizing the impact should a negligent employee lose his/her laptop or other equipment.
7. Of course, user education should not be overlooked. It is a lot easier for employees to abide by best practices if they are aware of them.
8. The collection, analysis and storage of various types of network logs should be a critical component of any insider threat security program.
9. Remember that some monitoring solutions provide additional security context, such as identity awareness, which can be invaluable for quickly tracking down the source of insider attacks.
10. Last but not least, it is important to realize that the IT department alone cannot adequately protect a company from its own insiders. Insider threat programs must also involve Management, HR and Legal.
