535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

June 10, 2016

Five Signs You're a Sitting Duck For an Insider Data Breach

Take a walk through your office, and look at your employees. One of these people could very well be the cause of a disastrous data breach in your organization.

That’s right: As much as you trust your employees, be aware they may not always have your company’s best interests in mind when handling sensitive information. In a startling discovery from IBM, for instance, 60 percent of all cyberattacks in 2015 were the result of an inside job. And 44 percent of these inside jobs were carried out with malicious intent.

What was the net loss for all these data breaches? We reached out to IBM for more information, and will be sure to let you know when we hear back. It’s safe to assume that it was a significant figure.

In the meantime, stop and consider your business’s risk level so you don’t get caught off guard. Here are five warning signs that your business could be vulnerable to an inside data breach:

1. Your data is all over the place: Your data doesn’t just live in your company’s servers. It lives on your employees’ computers, laptops, smartphones and tablets. It travels with your employees through airport terminals, coffee shops and crowded train stations, and is often accessed over insecure networks. Right now, IT has no visibility as to who has access to this information, or control over what they can do with it since you lack a robust mobile device management plan.

2. You have lax security policies for logins: In the above-mentioned IBM study, 15 percent of inside data breaches were unintentional. Employees don’t always willingly contribute to a data breach; they may simply lose devices containing sensitive data, for instance, or lend their login credentials to other people. Just think, for instance, about a young employee using a work device to access Spotify at a party. There’s no telling who could be browsing the device after hours.

3. Data security is not a priority for your employees: Your employees may not even be aware that they need to protect your company’s sensitive data. According to a study from Clearswift, 22 percent of respondents claimed that company data was not their responsibility at all. Even worse, 62 percent of information security professionals think that employees don’t care enough about security to change their behavior.

4. You’re holding valuable intellectual property: The Clearswift study also found that a quarter of employees would sell company data—risking their jobs and criminal convictions—for less than $8,000. Three percent of employees would sell private data for less than $200. And 35 percent of employees were open to bribes. The study also shows that employees are most likely to sell financial, product, customer, employee, supply chain and transactional data.

5. Your team is growing: You are no longer overseeing a small team of close and trustworthy colleagues. Your business is growing by the day, meaning you’re bringing lots of strange new faces on board—many of which include interns and entry-level workers who may not have any loyalty to your company other than for their paychecks. While this tradeoff of trust for manpower is necessary for any growing company, it’s important to realize that you are significantly adding risk to your operation.

Preventing a data breach is not easy—especially considering that there could be one or more culprits in your IT department who are willing to fork over sensitive data for money.

There’s no better reason why you should consider outsourcing your network management to a managed services provider (MSP). Doing so will put your network security in the hands of an organization whose name and reputation depends on keeping your data safe. An MSP will store your data on private, managed and protected servers. It can implement a robust mobile device management policy with strong access controls to prevent important data from leaking to unauthorized third parties.

Apex Technology Services is one such MSP that can help protect your business. Apex also offers comprehensive cybersecurity courses to educate your employees about the importance of protecting sensitive data and best practices for avoiding a data breach, ensuring that all workers come away well-versed in how to handle corporate devices, accounts and information.

So take this article as a warning, and contact Apex to ensure that your business has the capability to reduce the likelihood of an inside data breach.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York CityWhite Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying and more time growing your business.

In addition, our new Cybersecurity Compliance Certification for law firms will help keep your legal practice from becoming the next Panama Papers victim. This baseline cybersecurity audit for the legal industry should be considered seriously by all law firms.







Comments powered by Disqus

Related Articles