10 People Who May be Your Greatest Inside Security Risk


Last year was the worst on record for information security threats, and many studies agree that the majority of those threats came from inside sources. Prime suspects are employees and contractors with privileged user access. These 10 employees could be your greatest internal security threat.

The Chief Executive Officer

Yes, the person at the top should top your list. “Earlier this year, the FBI estimated that sophisticated scams targeting CEOs have cost companies $2.3 billion in losses in the last three years alone,” Sam Elliot, the director of security product management at Bomgar, says. “These types of attacks on CEO credentials and information show that the outside attackers will go after both the very top and the very bottom of an organization.”

The Executive Assistant

A little information can be a dangerous thing. In many organizations, executive assistants may hold lots of keys. Often they are allowed access to sensitive information on executives, processes and systems such as log-in information, financial information and high-level files. This makes them valuable targets for outside threats.

The Security Consultant

Remember, they’re really not part of your organization. Layered security often requires integration or support from various security providers. Since they’re likely to be given access credentials and the ability to move around a network, companies should take the time to audit these providers to assess how strong their own security really is before engaging with them.

The Former Employee or Vendor

Breaking up can be very hard to do. One of the most common failings facing organizations across all sectors is eliminating access to systems once an employee or vendor relationship has ended. Without closing off this access, companies are vulnerable to an attack. A best practice is to eliminate these profiles to reduce the attack surface.

The New IT Leader

What they don’t know can definitely hurt you. Hackers can be surprisingly sophisticated – searching online to perform social engineering before attempting to gain access. A new IT administrator that is unfamiliar with protocols and processes could be highlighted as a target by outsiders seeking to exploit the lack of domain knowledge to trick them into providing access.

The Social Media Manager

Any attention is good attention, many social media managers believe. Because a social media administrator is frequently online and public-facing, information about them may be readily available on networks like LinkedIn. Cybercriminals may seek access to a company by posing as a social media administrator who claims to need access to a system or other information.

The Outside Vendor

What a tangled web we weave. Many enterprises, especially large ones, rely on a complex system of vendors to conduct normal business operations. As seen in several high-profile hacks, when these vendors are given direct access via VPN to the systems that they manage, that access can provide a gateway for hackers. Enterprises should ensure their vendors are only granted limited, controlled access.

The Temporary Employee

Temporary status warrants a closer look. In retail and other service industries, certain time periods introduce seasonal and part-time employees, including within IT. They are often provided temporary access to online systems like payroll and other portals where data is held, and may also be provided hardware such as laptops or mobile devices. These employees should be treated with the same security safeguards as any other workers.
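The three sections above (former employees and vendors, outside vendors, temporary staff) share one control: access must end when the relationship ends, and accounts nobody uses any more should not linger. The following is an added example, not code from the original post or from any vendor it mentions. It reconciles a constructed identity-directory export against constructed HR termination dates and vendor contract end dates, and also flags accounts that have sat idle past a threshold (which is how an unreturned seasonal account or an unused VPN login tends to surface). All field names, record layouts and the 90-day idle threshold are assumptions for this example.

```python
from datetime import date

# Constructed sample data (not from the original post). In practice these would
# come from an identity-directory export, the HR system and procurement records.
# Field names are assumptions for this example.
ACTIVE_ACCOUNTS = [
    {"username": "jdoe", "type": "employee", "owner_id": "E100", "last_login": date(2016, 5, 2)},
    {"username": "asmith", "type": "employee", "owner_id": "E101", "last_login": date(2016, 5, 9)},
    {"username": "vendor-acme", "type": "vendor", "owner_id": "V200", "last_login": date(2016, 3, 1)},
    {"username": "svc-backup", "type": "service", "owner_id": None, "last_login": date(2016, 5, 10)},
    {"username": "temp-seasonal1", "type": "employee", "owner_id": "E150", "last_login": date(2015, 12, 30)},
]

# Employee id -> last working day (constructed).
HR_TERMINATIONS = {"E100": date(2016, 4, 15)}
# Vendor id -> contract end date (constructed).
VENDOR_CONTRACT_END = {"V200": date(2016, 2, 28)}
# Review date for the report (constructed "as of" date).
TODAY = date(2016, 5, 10)


def stale_accounts(accounts, terminations, contract_ends, today, max_idle_days=90):
    """Return (username, reason) pairs for accounts that should be disabled.

    An account is flagged when its owner's employment or contract has ended on or
    before `today`, or, failing that, when it has not logged in for more than
    `max_idle_days`. Service accounts have no owner and are only checked for idleness.
    """
    findings = []
    for acct in accounts:
        owner = acct["owner_id"]
        idle_days = (today - acct["last_login"]).days
        if acct["type"] == "employee" and owner in terminations and terminations[owner] <= today:
            findings.append((acct["username"], f"employee terminated {terminations[owner]}"))
        elif acct["type"] == "vendor" and owner in contract_ends and contract_ends[owner] <= today:
            findings.append((acct["username"], f"vendor contract ended {contract_ends[owner]}"))
        elif idle_days > max_idle_days:
            findings.append((acct["username"], f"idle for {idle_days} days"))
    return findings


if __name__ == "__main__":
    for username, reason in stale_accounts(ACTIVE_ACCOUNTS, HR_TERMINATIONS, VENDOR_CONTRACT_END, TODAY):
        print(f"DISABLE {username}: {reason}")
```

Run on the sample data, the report flags the terminated employee, the vendor whose contract lapsed, and the seasonal account that has been idle for 132 days; the active employee and the in-use service account are left alone. The ordering of the checks matters: an ended relationship is reported as such even if the account logged in recently, which is exactly the case a deprovisioning review is meant to catch.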

The Cloud Computing Manager

Hosting data in the cloud increases its risk and vulnerability. With more information being moved to the cloud, those that manage cloud infrastructure are increasingly important privileged users. Whether building an architecture or managing a cloud platform, or governing data, these individuals will have deep and wide access to a company’s information, making them potentially lucrative to hackers.

The Company Charity Organizer

The road to ruin can be paved with good intent. As seen in the JP Morgan Chase hack of 2014, attackers never lack in creativity. Many large and small charitable organizations affiliated with a corporation or corporate sponsor may be provided access to employee databases, or be the holders of valuable information on employees that have participated in charitable drives or functions.

[via:CSO]
