Craig discusses the danger of insider threats by those employees who are planning on leaving and behaviors that might indicate trouble.
For more tech tips, news, and updates visit – CraigPeterson.com
Automated Machine Generated Transcript:
Insider threats are real and it’s not like what they’re showing in the movies. Hey, not at all. And especially in this post-COVID-19 world, everything has changed. So let’s talk about insiders, people in your business, and the types of threats they’re presenting.
[00:00:25] Hey, you’re listening to Craig Peterson. You can find me firstname.lastname@example.org and of course podcasts pretty much everywhere out there. Just search for my name, Craig Peterson. Well, we’ve been talking about some of the threats that are facing us right now. We talked about DNS already today. We’ve talked in the past about just dozens of different types of threats.
[00:00:50]insiders are a big threat to businesses. So what does a threat look like? Well, Securonix just. Did a report, their researchers analyzed more than 300 confirmed incidents as part of their 20, 20 Securonix insider threat report. Now what they found was very disturbing, frankly. And the most disturbing part of it, at least to me was that 62% of the threats have to do with employees, exfiltrating data.
[00:01:29] In other words, employees taking data. Out of the business. Think about where we have been with the whole Wu Han virus and the concerns about the COVID-19. We have taken our employees. Who’ve been coming into the office maybe since your business was founded? And said, Hey, stay home. But if you want to get paid, you still have to do some work for us.
[00:01:56] And so we’re allowing them to use their computers at home, maybe to bring a business, computer home, and then we hastily set up VPNs and other equipment in order to allow them access to the servers and the information they needed to use at home. How many of us put up. Monitors on those systems to make sure they weren’t downloading stuff that they shouldn’t have access to.
[00:02:26] Do you have all of the permission set up properly on your file server? Do you have it set up so that if all of a sudden they’re downloading all of the schematics for all of your systems, all of your designs, do you have it set up? So it’s going to automatically shut them off and notify you. About what just happened?
[00:02:47] Well, if you’re like most businesses, the answer to that is no, because frankly, most businesses are not taking care of security. And that’s what was pointed out here in this Securonix insider threat report because we’ve also allowed our employees to put documents on two thumb drives and take those thumb drives home, take them on the plane with them, maybe where they get lost.
[00:03:15] But the number that is concerning about the data being at home is an 80% number. Now, this is where we get into something called a flight risk. These are employees that are within two months of leaving your organization because what they’ve found is that employees that are planning on leaving the business tend to start stealing data between two and eight weeks before they go.
[00:03:47] And more than 80% of the employees that are planning to leave, bring. The business’s data with them. That is very, very concerning. So think about that sales guy. How many times I mentioned this before, who’s planning on walking out with all your customer lists that happened to me. I had a sales guy who was calling and trying to build a business and was keeping track.
[00:04:16] Of course of everybody he had contacted. Right. Doesn’t that make sense? So it’s all in our database of all of the contacts that he had made and the discussions they had had, the types of needs that they had, and he downloaded all of them. And then he went to one of my competitors and he started calling all these people up again and continued on the sales process.
[00:04:46] Just like he was still working for me. So here I was, I had paid for all of this Goodwill to be developed with these leads. I had paid for his training. He was going to training two to three days a week for a few hours back before we were doing it all live on a, on WebEx. Right. So he was going to all of these pieces of training.
[00:05:10] He was taking people out to lunch. He was going to meet with them. And these prospects that were still in that sales funnel were called up by him. When he went to his new employer now, I kind of thought that I was the lone ranger here. Right. It really disappointed me. I thought I knew the guy. I thought everything would be fine.
[00:05:35] And I eventually did talk to him cause I was. Too upset to talk to him initially. And I called him up and said, so how are things going? I said, Hey, I just heard from company X. And you know, they were working with us, we’re moving along. And he said that you called him and suggested that they don’t work with mainstream, that they work with your new employer.
[00:06:01] And I stopped right there. Right? I didn’t say another word. And he ended up responding. Yeah. Well, you know, they’re my contact. I know them. I have a relationship with them. So I took them with me. Now we’ve seen similar things recently in the news when it comes to Tesla and Volkswagen, where Oh, they worked for me, and then he took all of this data with him.
[00:06:28] Right. You’ve heard about that story. I’m sure. But apparently this happens all of the time, these flight risk employees and these individuals, according to this study were involved in about 60% of the insider threats. There were analyzed in this study and insider threats, makeup in case you didn’t know the majority.
[00:06:55] Of problems when it comes to data loss for the business. So what are you doing about it? Most people who are exfiltrating, the sensitive information are doing it over email. So are you monitoring their email? This was a pattern that they found in nearly 44% of the cases. Do you have special filters that are looking for this stuff?
[00:07:18] You know, when we go into a business, we put filters in place on the email, looking for things like client numbers, looking for things like employer, identification, numbers, bank, account numbers. Driver’s license numbers, everything for, you know, a GDPR standpoint, the Massachusetts standpoint, the California standpoint, the new federal guidelines that are in place, right.
[00:07:42] We’re looking for all of this data, but it also protects the company. Because they are trying to exfiltrate your data and take it with them to their next employer. So number one was they try and send it out by email and they’ll often send it to a Gmail account or something else that they have the next most popular method is uploading it to cloud storage websites.
[00:08:11] And that’s why we put a limit. On where people can go, right? We oftentimes will have the Dropbox enterprise installed or the Microsoft three 65 enterprise versions installed where they can upload files, but it is tightly controlled and we know what they’re uploading. We know what they’re downloading. Do you have those controls Impella in place?
[00:08:37] There are other ways that they’re doing it, but we’ve got to pull up our socks. Now we have to, as businesses protect our investment, which for many of us is our retirement money. Right. And we have to watch our employees. I’m afraid to say. Particularly with the high rate of turnover in some industries and in the security industry, we’re seeing the turnover rate that is in the sixth-month timeframe.
[00:09:05] So think about that. All of the training you did for that new insecurity employee, all of the systems that were set up. What’s going to happen when they leave and take that data with them, that salesperson, the accounting people and on and on. So keep that in mind. We’re seeing insider threats, being a very, very big threat to all of us out there.
[00:09:29] They’ll all. When we come back, we’re going to be talking about looters and the eye iPhones. We’ll talk a little bit about how does Apple protects the devices that you have paid for? Because. Man, they do want a pretty penny. You’re listening to Craig Peterson, stick around because we’ll be right back after this and make sure you get my email.
[00:09:54] Craig peterson.com/subscribe.
More stories and tech updates at:
Don’t miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: