On July 16, 2020, Twitter experienced an unprecedented hack against its systems. Initial investigations determined that the hackers used a Twitter employee's internal support tools.
In the wake of this, many companies are asking, "How can we protect ourselves against our own staff and their internal access?" It may be unpleasant to look suspiciously at your own staff, but robust auditing and monitoring tools are essential to a modern business and its security. Whether from a compromised account or a disgruntled employee, there are steps you can take to minimize risk.
Five Action Items to Protect Data from Employee Theft
Not sure where to start? Here are a few ways to help protect your business's data from the inside:
1. Look into options for Data Loss Prevention (DLP).
A primary tool to catch data theft is Data Loss Prevention (DLP) software. It can be set up to monitor several areas, including mass-emailing of Social Security Numbers, downloading credit card numbers and copying company data to USB drives. This is an especially important step for organizations that store valuable data.
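To show the kind of content inspection a DLP rule performs, here is an added example (not from the original post or any Loffler tool) that scans constructed outgoing messages for SSN patterns and Luhn-valid card numbers and flags mass-mailings; the recipient threshold and sample messages are assumptions.

```python
import re

# Constructed sample outgoing messages: (recipient_count, body). Not real data.
SAMPLE_MESSAGES = [
    (1, "Hi Bob, lunch at noon?"),
    # 987- is an invalid SSN area number, so only two of these three count.
    (45, "Payroll export attached. Employee 123-45-6789, 987-65-4321, 555-12-3456."),
    (2, "Card on file ends 4111 1111 1111 1111; please confirm."),
    (1, "Ticket 123-45-67890 is not an SSN; 1234 5678 9012 3456 fails Luhn."),
]

# SSN: AAA-GG-SSSS, rejecting area 000/666/9xx, group 00 and serial 0000.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
# 13-19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list:
    """Return digit-only card numbers whose pattern matches and Luhn passes."""
    found = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            found.append(digits)
    return found


def scan_message(recipients: int, body: str, mass_threshold: int = 10) -> dict:
    """Classify one outgoing message; mass_threshold is an assumed policy value."""
    ssns = SSN_RE.findall(body)
    cards = find_card_numbers(body)
    alerts = []
    if ssns:
        alerts.append("ssn")
    if cards:
        alerts.append("card")
    if ssns and recipients >= mass_threshold:
        alerts.append("mass-ssn")   # many recipients plus SSNs: likely exfiltration
    return {"ssn_count": len(ssns), "card_count": len(cards), "alerts": alerts}
```

A real DLP product adds context (sender role, attachment parsing, approved channels) on top of matching like this to keep false positives manageable.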
2. Make sure your admins and HR understand litigation holds.
Many email systems, including Exchange and Office 365, support placing users on litigation hold. The user does not notice any change, but anything they delete is archived behind the scenes. This is useful if you suspect a user may delete something that will be needed later for follow-up or litigation. Consider enabling a litigation hold if the user shows any red flags concerning their handling of data or if you may be required to provide their emails for a legal matter. (And always check with your legal counsel.)
3. Check where your backup data is being stored.
Loffler recently worked with a business whose data and backups were all hit by a ransomware attack. What saved the day? Offsite data backups! Many backup services will store multiple copies of your critical data in multiple locations. Even if a hacker or employee deletes important data, this gives another layer of protection. Ideally, even your head of IT should not be able to easily delete all backup copies.
4. Ensure someone is monitoring for data security red flags.
From their first day at work, each employee should be told what is expected of them regarding security and made aware that activity is audited for red flags. Having policies in place, and auditing to ensure those policies are working, is essential to keeping your organization safe from data theft. Having your systems monitored may help pinpoint users who need additional training or highlight the need for other action.
5. Ensure your executives are abiding by security policies — and talking about it.
In many workplaces, "the boss" believes that security rules don't apply to them. This is not only a major security risk, but also a terrible precedent: "If my boss doesn't need a security code, why should I?" If security and accountability are happening at the top, your whole organization will notice.
Loffler takes data security seriously, for ourselves and our clients. We would be happy to speak with you on any of these topics to help fortify your business and its data.
Jon is a Network Engineer in the IT Services Group at Loffler. He has worked in IT for over 20 years, focusing on server configuration and network security. Lately, his focus has been helping clients move to Microsoft’s Azure cloud. In his free time, Jon collects far too many musical instruments and tries to find time to play them all.