Connect with us
SIS

Industry News

5 Best Practices to Prevent Insider Threats in 2019

George Miller

Published

on

5 Best Practices to Prevent Insider Threats in 2019
Image Source: gcc.com.cy
Reading Time: 4 minutes

 

Data breaches caused by insiders cost enterprises millions of dollars. According to the Ponemon Institute, every year, companies lose up to $8.7 million due to insider threats. To ensure an appropriate level of enterprise data protection, security officers continuously look for ways to improve their current insider threat management solution. With the following insider threat management best practices, you’ll be able to protect your sensitive business information and keep malicious insiders at bay.

1. Consider access controls

It’s essential to keep your critical assets inaccessible for malicious insiders. First and foremost, deploy multi-factor authentication (MFA) for the most valuable systems, applications, and services. Your goal is to make sure that any malicious insider won’t be able to borrow a password from their colleagues and get a hold of the data they aren’t supposed to have access to. Therefore, you need to look for an insider threat management solution with a built-in MFA functionality.

By implementing MFA, you can make sure that the person attempting to enter the protected perimeter are who they claim to be. At the same time, the use of MFA makes it way harder for malicious insiders to access your company’s sensitive information.

It’s also important to have a good password management policy in place. The most basic recommendations include forbidding the use of default and simple passwords and changing passwords upon certain events (say, employee resignation) or after some periods of time (say, every month or every quarter).

2. Limit access whenever possible

Once you managed to make sure that only the right people can get access to your network and critical assets within it, it’s time to think about the access permissions each of your company’s employees has. It’s best to take some technical measures to mitigate insider threats and deploy the so-called least privilege principle when employees only have the exact access level they need to do their job.

But today, more and more companies go even further and deploy a zero trust security model. In a zero trust network, there’s no general protected perimeter that distinguishes trusted insiders from untrusted outsiders. Instead, each critical asset or system is fully protected from both insiders and outsiders, thus mitigating internal and external threats to cyber security.

Such an approach works best for the companies that cooperate actively with third-party vendors and subcontractors. It’s also a great solution for the enterprises with a bring your own device (BYOD) policy in place, allowing their employees to use personal devices for work purposes.

3. Monitor employee activity

User activity monitoring is the basis of many insider threat protection techniques. You need to be able to see what’s going on within your network, in real-time at best. When choosing among the solutions to protect against insider threats in cybersecurity, pick the one that allows to see a particular user session and terminate it if necessary.

Many companies also look towards User and entity behavior analytics (UEBA) as the key to effective threat monitoring and protection against insider threats. Advances in machine learning technologies allow building user profiles that include normal baseline behavior patterns for particular users or roles. Registering activities that deviate from these patterns may help detect malicious insiders and mitigate possible threats at an early stage.

4. Analyze logs and respond to security incidents

Continuous user activity monitoring is meant to give you full visibility across the enterprise network and provide you with detailed data for further analysis. Depending on the user monitoring solution, user activity logs may contain different types of information:

Names of files and applications opened by the user:

  • URLs to the visited websites;
  • Logged keystrokes;
  • Recorded sessions, and more.

The proactive incident response also plays a significant part in building an effective insider threat cyber security program. There’s no point in detecting a malicious action if you’re unable to respond to it properly and, therefore, prevent a data breach from happening.

Look for an insider threat prevention solution that allows you both receiving real-time notifications about the detected security incidents and automating responses to the most common types of incidents. For instance, if the system registers, say, three unsuccessful login attempts, the account a user tried to access will be blocked.

Finally, if you want to be able to analyze all of the logged information on a deeper level, make sure that your insider threat prevention solution supports forensic data export.

5. Pay special attention to third-parties

Remote access control and protection is an essential part of the modern insider threat management program. Today, more and more organizations hire remote employees and grant access to critical corporate resources to third-party vendors and contractors. But, as reported in a 2018 study by the Ponemon Institute, third-party vendors were the cause of nearly 60 percent data breaches.

If granting third-party vendors access to business-critical data, systems, and application is a common practice for your organization, make sure you have an appropriate third-party management solution in place. Leverage all of the above-mentioned tools and practices to protect your corporate data from unauthorized access and use.

If your third-party subcontractors are using a shared account for accessing your corporate network or business applications, it’s preferable to add secondary authorization as an additional protection layer. This way, you’ll be able to clearly associate each session initiated under the shared account with a particular user.

And, finally, make sure that your third-parties are well aware of your organization’s cybersecurity policy and know what cybersecurity rules they must follow.

Conclusion

Insider threats have one of the biggest impacts on enterprise cybersecurity. In order to mitigate the risks related to insider threats, organizations should deploy complex solutions that include monitoring and audit of user activity, granular access and privilege management, and effective incident response.

 

This article is a contribution from Marcell Gogan.  Marcell is a specialist within digital security solutions, business design and development, virtualization and cloud computing, R&D projects, establishment and management of software research direction – working with Ekran System. He also loves writing about data management and cybersecurity. 

Advertisement

Industry News

Stakelogic Enters into Partnership with Iforium

Niji Narayan

Published

on

Stakelogic Enters into Partnership with Iforium
Reading Time: < 1 minute

 

Online slot developer Stakelogic has entered into a deal that will see its entire portfolio of games made available via Iforium’s Gameflex platform.

The partnership provides Stakelogic with rapid distribution into additional regulated markets such as the UK, Spain and Romania, allowing the developer to showcase its incredible portfolio of classic slots and video slots to more operators.

For Iforium, the partnership allows it to add quality, proven content to its game portfolio including hugely popular Stakelogic titles such as Flappers, The Expendables Megaways and just-launched games Runner Runner Megaways and Book of Cleopatra Super Stake.

“We are thrilled to have integrated our full suite of games with Iforium and to be able to leverage its incredible network of operator partners in core regulated markets around the world. Our games are proving to be incredibly popular with players in Europe and other international jurisdictions and as we continue to design and develop even more classic and video slots, we look forward to taking advantage of the increased exposure Iforium provides,” Stephan van den Oetelaar, CEO of Stakelogic, said.

“One of the reasons why so many tier one operators work with Iforium is our unrivalled portfolio of top-quality online slots and casino content. In that regard, Stakelogic is a great addition, bringing with it a suite of chart-topping games. We believe operators in regulated markets around the world will leap at the chance to add Stakelogic titles to their lobbies, allowing them to deliver the best possible experience to their players and to stand out from their rivals,” Phil Parry, CEO of Iforium, said.

Continue Reading

Industry News

BetConstruct Launches its Latest Live Casino Game “Switch BlackJack”

Niji Narayan

Published

on

BetConstruct Launches its Latest Live Casino Game “Switch BlackJack”
Reading Time: < 1 minute

 

BetConstruct has launched its latest live casino game Switch BlackJack. Since the beginning of the summer, this is the fourth major gaming release for BetConstruct’s Live Casino.

Switch BlackJack tables feature three playing sits per game and two boxes to bet on simultaneously with an option to switch combinations. High-odds side bets for more experienced players are an essential element to the game and additional revenue source.

Between three players per table and two betting boxes per individual, there is a higher level of retention for operators with Switch BlackJack. Regardless of the player experience, this new game with an alternative take on the main concept of BlackJack has a full potential of being more than a one-time thrill.

Continue Reading

Industry News

Greek Super League Announces Interwetten as its Gold Sponsor

Niji Narayan

Published

on

Greek Super League Announces Interwetten as its Gold Sponsor
Reading Time: < 1 minute

 

The Greek Super League has announced Malta-headquartered sports betting operator Interwetten as its gold sponsor for the next three years, starting with the 2020-2021 season.

The sponsorship represents an evolution of the partnership formed last year, where Interwetten joined the league as its official sports betting partner for the 2019-2020 season.

“We are very pleased that the Super League’s cooperation with Interwetten is now entering a new era, as it is officially the Gold Sponsor of the Super League,” Leonidas Boutsikaris, president of the Super League, said.

He described Interwetten’s “vote of confidence” in the Super League as a key driver of progress and development of football locally, and indicating that a broader strategy to attract more investment and sponsorship was succeeding.

Dominik Beier, representative for Interwetten’s board of directors, described Greece as a very important market for the operator.

“So we want to continue to invest in sports here and expand our position. The naming rights for the Super League championship is the most important sports deal that exists in Greece. The Super League opens up a wealth of opportunities for us, both for communication and action, across the country and throughout the year,” he said.

Continue Reading
Advertisement
NSoft

Global Gaming Industry Newsletter – Weekly Digest (sent every Wednesday)

Please select all the ways you would like to hear from European Gaming Media and Events:

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp's privacy practices here. Read more about European Gaming Media and Event's Privacy Policy and Terms of Service.

Subscribe to our News via Email

Enter your email address to subscribe to our news and receive notifications of new posts by email.

Trending

Notice for AdBlock users

We are constantly showing banners about important news regarding events and product launches. Please turn AdBlock off in order to see these areas.