535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

January 25, 2017

Is There Any Way to Protect Your Business From Malevolent Insiders?

“I know it was you, Fredo. You broke my heart. You broke my heart.”— The Godfather Part II

One of the saddest scenes in The Godfather is when Michael Corleone finds out his own brother betrayed him by making a business deal behind his back. The scene is a reminder that sometimes, the people you think are on your side may actually be working against you.  

In fact, there could be a Fredo walking around your organization right now.

Most businesses today are so concerned about combating external cyberthreats that they fail to recognize internal ones. In fact, more than half of all [cyber] attackers today are insiders.

Anyone could be a malevolent insider — from an IT administrator gone rogue to a rank and file employee who has too much access to the network. Let’s not forget, Edward Snowden was a just a contractor for the U.S. government before he became the biggest whistleblower in the world.

One of the reasons why executives struggle to combat internal fraud is that they lack the right technologies for detecting and proving it. It’s easy to suspect someone of fraud, but reckless to call that person out directly if you can’t prove foul play.

There are, however, steps you can take to fortify your network and catch criminals in their tracks.Yesterday, for instance, OneLogin’s Senior Director Al Sargent gave infoTECH Spotlight several tips for protecting digital assets. They include:

  • Set up policy-based access for all employees including IT administrators. Avoid giving anyone blanket authorization across the network. 
  • Use a cloud security access broker (CASB) to monitor your network. And make sure that it's communicating with an identity cloud manager, to susped or terminate account access when a threat is detected. 
  • Practice good account hygiene. In other words, don’t use shared accounts. Always deprovision user accounts when they are no longer needed.
  • Use threat intelligence to your advantage. Investigate network forensics to understand what is happening on the network.

You could also partner with a managed services provider (MSP), who can provide additional monitoring and support services as well as expert advice for dealing with cybercrime. An MSP can keep a close watch on your network, and discover when employees are engaging in illegal activities.

To learn more about how your business can benefit from an MSP, click here.

 A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York CityWhite Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

In addition, our new Cybersecurity Compliance Certification for law firms will help keep your legal practice from becoming the next Panama Papers victim. This baseline cybersecurity audit for the legal industry should be considered seriously by all law firms.







Related Articles