Containing Insider Threats With Monitoring and Coaching

By on Feb 02, 2016

Do you know that insiders, whether through accident or intent, account for more than 40% of data exfiltration? These incidents often happen when Office documents are copied to a removable drive, USB storage, or cloud file sharing application. One way to significantly reduce these incidents is through the use of a file protection and encryption tool that provides not only monitoring but coaching capabilities.

For example, imagine that I’m sitting at my desk and want to upload a couple of files to a cloud storage site. One of them is the preliminary earnings report that I want to review on my phone later this evening at home. My company’s web gateway displays a page informing me of corporate confidential policy and immediately presents the recommended corporate solution. Instead of just blocking the users’ actions, providing guidance and real-time solutions are great ways to adjust risky behavior.  Leaving your users hanging just generates calls into the IT team asking for guidance.

Later this evening, when I try to sync the earnings report, it is identified as confidential information and I’m asked for business justification for moving this document to the cloud unencrypted. Now I can use my judgment to decide what to do, informed and enabled by the file protection software.

Reminded of the sensitive nature of the document that I am trying to put in the cloud, I create an encrypted and secured folder. Instead of relying on the cloud storage service’s encryption, I use encryption keys that are owned by my company. Now the file is allowed to sync to the cloud, and it is secured against accidental leakage, theft of my credentials, or other malicious attack. With a corresponding mobile app, I can decrypt and review this document on my phone or tablet.

As you can see, the act of automatically querying and coaching people on appropriate tools and behavior is very effective. Coaching has a track record of reducing risky behavior, such as uploading unencrypted confidential documents to cloud storage or USB drives, by 75%. File and removable media protection is an excellent way to reduce accidental and intentional insider threats.

About the Author

Cindy Chen

Cindy has over 10 years of experience in the cyber-security industry. As a data protection specialist, Cindy is passionate about educating the field and sharing best practices on creating a better data security culture. Cindy has conducted primary research projects on data exfiltration, and spearheaded thought leadership programs via webinars, videos, and industry roundtable discussions. ...

Read more posts from Cindy Chen

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs