Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee
  • Net App
  • NIC
  • Perceptive Software

Internal Attacks: How to Protect Your Data



November 18, 2009 By

A consultant -- about to be let go - installed a logic bomb in a script in one of his employer's servers. Luckily it was found before any damage was done. Had it not been found, it would have shut down thousands of data center servers. While few employees -- even those under threat of firing or layoff -- would do such a thing, Ron Koch, Ernst and Young's security competency leader, told Government Technology that the economic downturn has the potential to increase the possibility of insider attacks motivated by workforce reductions. And even one disgruntled former employee with access can create havoc, especially if budget reductions have curtailed security.

In a recent security survey by Ernst and Young, 25 percent of respondents witnessed an increase in internal threats and 13 percent reported an increase in internally perpetrated fraud. "Employees might not feel the same level of loyalty to the company as they had in the past because they feel that their job may be in jeopardy. I think a lot of it has to do with the uncertainty that they may be feeling in their jobs or they may have become a victim of workforce reduction," Koch said.

Have a Plan

The key to mitigating these risks is to have a formal response -- an effective, functioning, mature plan put in place well before an event happens. The day before an organization plans to downsize is too late. Agencies and organizations should have a documented set of procedures and assigned responsibilities that get executed in the event of a workforce reduction. Organizations should also have strong controls around identity and access management. It is important to understand the access that each employee has and to have an automated procedure to rapidly disable that access so that a terminated employee can't misuse it.

"In a lot of organizations, users have much more access than they really need for their jobs. Employees who have been with the organization for a long period of time tend to accrue access over time that never gets taken away. Organizations should inventory the access that each employee currently has and see if it's really necessary and if not, take it away. This was you can at least limit the scope of an attack that a person could execute," Koch said.

Data Protection and Data Leakage Prevention

Another aspect of IT security that Koch believes is still not quite mature in its deployment yet is data protection and data leakage prevention. Those tools would help prevent the inappropriate or unauthorized copying of data to removable media, personal devices, or transmission of that data across the network or via e-mail. "I think good logging and monitoring is very important to be able to either detect an attack in process or at the very least be able figure out what happened after an attack and provide forensic evidence if necessary for prosecution or action after the fact," Koch said.

 


| More

Comments


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
WHITEPAPER: D Block Spectrum Act and the FirstNet Broadband Network. What does it all mean?
On Feb 22, 2012, the Middle Class Tax Relief and Job Creation Act of 2012 was enacted into law. This law will ensure the establishment of a nationwide, interoperable public safety broadband network in every state and territory in the U.S. Learn about the new law and what you can do to prepare for it now.
New Research Reveals Surprising Trend for Funding Innovation
Listen to an informative discussion with Digital Communities members to learn how you can use your IT savings and efficiencies to do the new things you have been waiting to do.
Continuity with Cloud Solutions
Cloud solutions provide agility, flexibility and scalability to government agencies. In an emergency situation where an agency’s infrastructure and resources are impacted, prioritization and restoration become critical elements of a disaster recovery plan. The flexibility of cloud services helps agencies make adjustments to processing capacity on demand.
View All

Digital Communities members get access to our collaboration task forces

427 Members

77 Discussions

84 Files

Latest members Become a member

Digital Communities members get access to our collaboration task forces

669 Members

145 Discussions

150 Files

Latest members Become a member

 


Featured White Papers & Reports

The Future of the Desktop in Government

Until recently, there was no alternative to the familiar desktop computer, and its expensive upgrades and maintenance requirements. For cash-strapped local governments, the desktop computer is quickly becoming an unsustainable option for future progress. Now, a technology known as virtual desktop infrastructure (VDI) offers an alternative. It can be significantly more affordable than buying individual computers for every employee, and it provides similar capability. This paper shows how VDI is the future of the desktop and is a game-changer for local governments.


View Full Library

Events

GTC East

Don't miss this opportunity to see the latest in digital government solutions, keep abreast of current policy issues and network with key government executives, technologists and industry specialists.

View All Events