{"id":2206,"date":"2016-12-08T08:30:08","date_gmt":"2016-12-08T13:30:08","guid":{"rendered":"https:\/\/tsisupport.com\/?p=2206"},"modified":"2021-07-19T00:39:52","modified_gmt":"2021-07-19T04:39:52","slug":"inside-job-real-threat-business","status":"publish","type":"post","link":"https:\/\/tsisupport.com\/tsistaging\/?p=2206","title":{"rendered":"Network Security Best Practices: Could the Real Threat to Your Business&#8217; Network Come From the Inside?"},"content":{"rendered":"<p style=\"text-align: justify;\">Today, the number of types of cyber-attacks which threaten the security of your businesses are endless.\u00a0 We\u2019ve discussed the <a href=\"https:\/\/tsisupport.com\/tsistaging\/directors-best-practices-e-mail-security\/\">greatest weakness in network security being users<\/a> before, but the focus was in a non-acting participant being coerced into clicking on a malicious link or opening a dangerous attachment.<\/p>\n<p style=\"text-align: justify;\">We often focus so much attention to building a secure network wall that we neglect the very real threat from within. \u00a0According to IBM\u2019s <a href=\"http:\/\/www-01.ibm.com\/common\/ssi\/cgi-bin\/ssialias?subtype=ST&amp;infotype=SA&amp;htmlfid=SEJ03278USEN&amp;attachment=SEJ03278USEN.PDF&amp;ce=ISM0484&amp;ct=SWG&amp;cmp=IBMSocial&amp;cm=h&amp;cr=Security&amp;ccy=US\" target=\"_blank\" rel=\"noopener noreferrer\">Cybersecurity Intelligence Index<\/a>, 55% of cyber-attacks are carried out by insiders. This is proven to have a growing impact on companies who are struggling to protect their proprietary information and data.<\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Don\u2019t Deny the Magnitude of the Potential Risk<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">Many organizations acknowledge that they do not have appropriate safeguards to prevent, or even detect attacks involving an inside employee.\u00a0 The result is over <a href=\"https:\/\/hbr.org\/2014\/09\/the-danger-from-within\" target=\"_blank\" rel=\"noopener noreferrer\">80 Million insider attacks<\/a> occurring in the United States each year.\u00a0 Though 80 Million is considered a very rough estimate due to most breaches going unreported.<\/p>\n<p style=\"text-align: justify;\">A further realization comes from the 2016 State of Cybersecurity &amp; Digital Trust report released by <a href=\"https:\/\/www.accenture.com\/us-en\/insight-cybersecurity-digital-trust-2016\" target=\"_blank\" rel=\"noopener noreferrer\">Accenture and HfS Research<\/a>.\u00a0 More than 200 enterprise security professionals were surveyed, with over 69% reporting an attempted theft or corruption of data by insiders during the last 12 months.<\/p>\n<p style=\"text-align: justify;\">Despite these staggering stats, there is little coverage on this known issue. For example, the <a href=\"https:\/\/www.sec.gov\/\" target=\"_blank\" rel=\"noopener noreferrer\">SEC\u2019s Cybersecurity Examination<\/a> initiative has only raised the topic of insider threats as a cliff note in their Assessment Tool since it began providing cyber security guidance in 2014.\u00a0 Hardly sufficient given the potential risk and reach such a threat has to your business.<\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>So, what can I do\u00a0to Reduce Exposure?<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">Insider threats can be difficult to identify and block, unlike their outside counterparts, these users are generally granted permission.\u00a0 The detection for abuse of these privileges is tricky, but not impossible.<\/p>\n<ul class=\"ULStyle\" style=\"text-align: justify;\">\n<li><strong><span style=\"color: #800000;\">Proper Identification:<\/span><\/strong> Establishing clear identities for all users, their devices, and access points allows you to enforce privileges.\u00a0 All local accounts should be pushed to a centralized management tool, with any shared profiles eliminated.\u00a0 This way, insiders can only access your systems for their job through their identifiable profile.<\/li>\n<li><span style=\"color: #800000;\"><strong>Log &amp; Monitor Everything:<\/strong><\/span> The biggest benefit to properly establishing identifiable profiles goes beyond the ease to alter access\/denial privileges. \u00a0It also helps in developing a proper log history of all activity, acting as a digital audit trail.\u00a0 Further, logging access attempts, whether successful or not, help to develop data that can be reviewed to identify patterns of suspicious behavior by users. Creating a profile based recording and having the ability to generate access reports are central to any IT staff\u2019s capability for threat prevention.<\/li>\n<li><span style=\"color: #800000;\"><strong>Multi-Factor Authentication (MFA):<\/strong><\/span> A simple password just isn\u2019t sufficient in protecting from inside (or external) threats.\u00a0 Enforce a MFA policy that uses multiple methods to prove a user\u2019s identity, thus being a highly effective means to preventing access to information that someone shouldn\u2019t have; especially in situations where someone may have captured another users\u2019 credentials.<\/li>\n<li><span style=\"color: #800000;\"><strong>Default Minimal Privilege Policy:<\/strong><\/span> Creating default profiles with minimal access privileges is a far more effective way to manage newly established accounts.\u00a0 Locking down administrative accounts and applications on a role-based level eliminate the possibility that curious users aren\u2019t looking at information they should have access to.\u00a0 Instead, users should request privileges that requires approval.\u00a0 Users should have enough access to only perform their core job functions, providing greater control of unauthorized access from the employee, or the threat from outside in an event where their identity\/profile is stolen.<\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"color: #800000;\"><strong>Learn More<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\">These are just a few of the best practices we use to protect our clients from Insider\/Outside threats each and every day.\u00a0 To learn more, <a href=\"https:\/\/tsisupport.com\/tsistaging\/contact\/\">Contact Us<\/a>!<\/p>\n<div class=\"fl-builder-content fl-builder-content-8352 fl-builder-template fl-builder-row-template fl-builder-global-templates-locked\" data-post-id=\"8352\"><div class=\"fl-row fl-row-full-width fl-row-bg-photo fl-node-5ecccdbce25c0 fl-row-default-height fl-row-align-center fl-row-bg-overlay BlogCTA\" data-node=\"5ecccdbce25c0\">\n\t<div class=\"fl-row-content-wrap\">\n\t\t\t\t\t\t\t\t<div class=\"fl-row-content fl-row-fixed-width fl-node-content\">\n\t\t\n<div class=\"fl-col-group fl-node-5ecccdbce2d8e fl-col-group-equal-height fl-col-group-align-center fl-col-group-custom-width fl-col-group-responsive-reversed\" data-node=\"5ecccdbce2d8e\">\n\t\t\t<div class=\"fl-col fl-node-5ecccdbce2f49 fl-col-bg-color fl-col-small-custom-width\" data-node=\"5ecccdbce2f49\">\n\t<div class=\"fl-col-content fl-node-content\"><div class=\"fl-module fl-module-heading fl-node-5eccce25ec3d2 sec-title title-img-none\" data-node=\"5eccce25ec3d2\">\n\t<div class=\"fl-module-content fl-node-content\">\n\t\t<h2 class=\"fl-heading\">\n\t\t<span class=\"fl-heading-text\">Confident with Your IT Strategy?<\/span>\n\t<\/h2>\n\t<\/div>\n<\/div>\n<div class=\"fl-module fl-module-rich-text fl-node-5eccce77546d9\" data-node=\"5eccce77546d9\">\n\t<div class=\"fl-module-content fl-node-content\">\n\t\t<div class=\"fl-rich-text\">\n\t<p>If you found the information in this blog post helpful and you'd like to discuss your business' technology strategy, then we'd be happy to hear from you.<\/p>\n<\/div>\n\t<\/div>\n<\/div>\n<div class=\"fl-module fl-module-button fl-node-5ecccec3237e8 primary-btn\" data-node=\"5ecccec3237e8\">\n\t<div class=\"fl-module-content fl-node-content\">\n\t\t<div class=\"fl-button-wrap fl-button-width-auto fl-button-left\">\n\t\t\t<a href=\"https:\/\/tsisupport.com\/tsistaging\/contact\/\"  target=\"_self\"  class=\"fl-button\" >\n\t\t\t\t\t\t\t<span class=\"fl-button-text\">Get in touch with tsi<\/span>\n\t\t\t\t\t<\/a>\n<\/div>\n\t<\/div>\n<\/div>\n<\/div>\n<\/div>\n\t\t\t<div class=\"fl-col fl-node-5ecccf1e8a49c fl-col-bg-color fl-col-small fl-col-small-custom-width\" data-node=\"5ecccf1e8a49c\">\n\t<div class=\"fl-col-content fl-node-content\"><\/div>\n<\/div>\n\t<\/div>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n<\/div><div class=\"uabb-js-breakpoint\" style=\"display: none;\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Today, the number of types of cyber-attacks which threaten the security of your businesses are endless.\u00a0 We\u2019ve discussed the greatest weakness in network security being users before, but the focus was in a non-acting participant being coerced into clicking on a malicious link or opening a dangerous attachment. We often focus so much attention to&hellip;<\/p>\n","protected":false},"author":2,"featured_media":8499,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[12,20],"tags":[172,298,299,300,301,270,302,303,244,304,305,306],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Network Security Best Practices | Internal Network Threats | TSI<\/title>\n<meta name=\"description\" content=\"Read this post to prepare for internal threats to your business&#039; network. These network security tips will help prepare you for the worst-case scenario.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Network Security Best Practices | Internal Network Threats | TSI\" \/>\n<meta property=\"og:description\" content=\"Read this post to prepare for internal threats to your business&#039; network. These network security tips will help prepare you for the worst-case scenario.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/tsisupport.com\/tsistaging\/?p=2206\" \/>\n<meta property=\"og:site_name\" content=\"TSI Support\" \/>\n<meta property=\"article:published_time\" content=\"2016-12-08T13:30:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-19T04:39:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Inside-Job-Website-Header.fw_-1140x380-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1140\" \/>\n\t<meta property=\"og:image:height\" content=\"380\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Roger Murray\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roger Murray\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2206\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2206\",\"name\":\"Network Security Best Practices | Internal Network Threats | TSI\",\"isPartOf\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2206#primaryimage\"},\"image\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2206#primaryimage\"},\"thumbnailUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Inside-Job-Website-Header.fw_-1140x380-1.png\",\"datePublished\":\"2016-12-08T13:30:08+00:00\",\"dateModified\":\"2021-07-19T04:39:52+00:00\",\"author\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9\"},\"description\":\"Read this post to prepare for internal threats to your business' network. These network security tips will help prepare you for the worst-case scenario.\",\"breadcrumb\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2206#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/tsisupport.com\/tsistaging\/?p=2206\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2206#primaryimage\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Inside-Job-Website-Header.fw_-1140x380-1.png\",\"contentUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Inside-Job-Website-Header.fw_-1140x380-1.png\",\"width\":1140,\"height\":380},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2206#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/tsisupport.com\/tsistaging\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Network Security Best Practices: Could the Real Threat to Your Business&#8217; Network Come From the Inside?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/\",\"name\":\"TSI Support\",\"description\":\"TSI - Technical Support International\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9\",\"name\":\"Roger Murray\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g\",\"caption\":\"Roger Murray\"},\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?author=2\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Network Security Best Practices | Internal Network Threats | TSI","description":"Read this post to prepare for internal threats to your business' network. These network security tips will help prepare you for the worst-case scenario.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Network Security Best Practices | Internal Network Threats | TSI","og_description":"Read this post to prepare for internal threats to your business' network. These network security tips will help prepare you for the worst-case scenario.","og_url":"https:\/\/tsisupport.com\/tsistaging\/?p=2206","og_site_name":"TSI Support","article_published_time":"2016-12-08T13:30:08+00:00","article_modified_time":"2021-07-19T04:39:52+00:00","og_image":[{"width":1140,"height":380,"url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Inside-Job-Website-Header.fw_-1140x380-1.png","type":"image\/png"}],"author":"Roger Murray","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Roger Murray","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2206","url":"https:\/\/tsisupport.com\/tsistaging\/?p=2206","name":"Network Security Best Practices | Internal Network Threats | TSI","isPartOf":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#website"},"primaryImageOfPage":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2206#primaryimage"},"image":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2206#primaryimage"},"thumbnailUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Inside-Job-Website-Header.fw_-1140x380-1.png","datePublished":"2016-12-08T13:30:08+00:00","dateModified":"2021-07-19T04:39:52+00:00","author":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9"},"description":"Read this post to prepare for internal threats to your business' network. These network security tips will help prepare you for the worst-case scenario.","breadcrumb":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2206#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/tsisupport.com\/tsistaging\/?p=2206"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2206#primaryimage","url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Inside-Job-Website-Header.fw_-1140x380-1.png","contentUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2016\/12\/Inside-Job-Website-Header.fw_-1140x380-1.png","width":1140,"height":380},{"@type":"BreadcrumbList","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2206#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/tsisupport.com\/tsistaging\/"},{"@type":"ListItem","position":2,"name":"Network Security Best Practices: Could the Real Threat to Your Business&#8217; Network Come From the Inside?"}]},{"@type":"WebSite","@id":"https:\/\/tsisupport.com\/tsistaging\/#website","url":"https:\/\/tsisupport.com\/tsistaging\/","name":"TSI Support","description":"TSI - Technical Support International","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9","name":"Roger Murray","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g","caption":"Roger Murray"},"url":"https:\/\/tsisupport.com\/tsistaging\/?author=2"}]}},"_links":{"self":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2206"}],"collection":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2206"}],"version-history":[{"count":0,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2206\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/media\/8499"}],"wp:attachment":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2206"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2206"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2206"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}