The Magazine

Applying IAM to Insider Threat Management

by KOF
December 12, 2020
in Internet

When developing cyber defense plans and strategies, most organizations focus on external threats. The traditional view of cybercrime and cyber attacks, where the hacker is sitting in a dark basement somewhere else, contributes to this bias.

However, many cybercrimes are performed or enabled by trusted insiders. When an employee leaves a company, they may take company data or a copy of their past work with them to their new employer, which is just as much a data breach as if the competitor stole it themselves. Alternatively, a completely benign employee could make a cyber attack possible through negligence, by losing a sensitive laptop or flash drive or by storing sensitive company data on an insecure cloud drive.

Protecting against these insider threats requires a zero-trust approach to security, where no one is trusted by default and all access to systems and accounts is based upon strong authentication and authorization checks. This requires an understanding of what IAM is and how it can be implemented within an organization to address the insider threat.

Limitations of Perimeter-Focused Security

Traditionally, many organizations have taken a perimeter-focused approach to cybersecurity. An organization’s internal network, composed of “trusted” machines, has only a single point of connection with the public Internet, where cyber threats originate. By deploying a number of cybersecurity monitoring and threat detection systems at this single point of contact, these organizations are able to identify and block a great deal of malicious content before it reaches and has an impact on internal systems.

However, this approach to cybersecurity is becoming increasingly unusable. The modern organization has a much more mobile workforce than in the past, with telecommuters, work laptops, cloud resources, Internet of Things (IoT) devices, and mobile devices all operating outside of the organization’s local area network (LAN). These devices often connect directly to the public Internet, meaning that the organization’s perimeter protections do not cover them, and they may carry malware or sensitive internal data past the firewall when moving from external to internal networks and vice versa.


Additionally, the assumption that everyone within the organization’s LAN is trusted is not a good one. If an attacker can bypass or overcome the perimeter-based defenses, then they could operate within the network with little chance of detection or response. Also, these perimeter-based defenses have little or no impact on threats that originate within the organization, such as malicious or negligent employees.

Inside the Insider Threat

Insider threats originate from a variety of sources and are responsible for a high percentage of data breaches. According to the 2019 Verizon Data Breach Investigations Report (DBIR), over a third of data breaches involve an insider in some way.

In some cases, these insiders are employees. An employee who has given notice or has been fired from a company may choose to bring sensitive material with them to their next job. Detecting this can be difficult, since the material consists of files that they are likely to have had legitimate access to as part of their role with the company.

Other data breaches that involve employees are incidents of employee negligence. Cloud-based data storage is a common source of data breaches, as information is improperly secured in cloud storage. Lost or stolen devices can leak sensitive data, as can improperly disposed-of physical copies acquired via dumpster diving. While the employee is not intentionally stealing data in these cases, their actions are integral to the true criminal’s success.

Finally, insider threats can originate with trusted individuals outside of the organization. As demonstrated in the Target breach, a cybercriminal may attack an organization’s supply chain in order to take advantage of a third party’s access to the organization’s network. Since 94% of organizations give these third parties access to their networks, and 72% provide admin-level accounts, these supply chain attacks represent a significant cyber threat.


Applying IAM Correctly

With the possibility that a cybercriminal, or malicious insider, has access to the organization’s network, the need to implement a zero-trust security model is growing. Under zero trust, individuals or devices within the organization’s internal network are no longer trusted by default. Gaining access to a particular resource requires proving identity, using strong mechanisms such as multi-factor authentication (MFA), and demonstrating a legitimate need to access the resource based upon job role.

Zero-trust access is built on top of strong user and device authentication and authorization, which is where identity and access management (IAM) comes into play. IAM is designed to define user identities and the levels of access that they are permitted on a certain network, system, or resource based upon their job responsibilities.

The use of IAM enables an organization to implement a “need to know” policy for all resources on their network. If an individual or device makes an unauthorized attempt to access data or tries to use it in an inappropriate fashion, then the attempt can be blocked and an alert raised to notify the security team that a threat has been detected.
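The access decision described above can be sketched as a small default-deny policy check. This is an added example, not code from the article; the role names, resources, and the `PolicyEngine` and `Request` types are hypothetical, and the sample requests are constructed.

```python
from dataclasses import dataclass, field

# Hypothetical role-to-resource map: each job role lists only what it needs to know.
ROLE_GRANTS = {
    "payroll-clerk": {"payroll-db": {"read", "write"}},
    "engineer": {"source-repo": {"read", "write"}, "build-logs": {"read"}},
    "third-party-vendor": {"ticketing-portal": {"read"}},
}

@dataclass(frozen=True)
class Request:
    principal: str         # user or device identity
    role: str              # job role assigned by IAM
    mfa_verified: bool     # result of a completed multi-factor check
    on_internal_lan: bool  # recorded, but never used to grant access
    resource: str
    action: str

@dataclass
class PolicyEngine:
    alerts: list = field(default_factory=list)

    def decide(self, req: Request) -> bool:
        """Default deny: allow only with proven identity AND a role-based need."""
        # Network location is deliberately not consulted: under zero trust,
        # being inside the LAN earns no access by itself.
        if not req.mfa_verified:
            return self._deny(req, "identity not proven with MFA")
        allowed = ROLE_GRANTS.get(req.role, {}).get(req.resource, set())
        if req.action not in allowed:
            return self._deny(req, "no need-to-know for role")
        return True

    def _deny(self, req: Request, reason: str) -> bool:
        # Block the attempt and record an alert for the security team.
        self.alerts.append({"principal": req.principal, "resource": req.resource,
                            "action": req.action, "reason": reason})
        return False

def run_sample():
    """Evaluate constructed sample requests; returns (decisions, alerts)."""
    engine = PolicyEngine()
    sample = [
        Request("alice", "payroll-clerk", True, False, "payroll-db", "read"),
        Request("bob", "engineer", True, True, "payroll-db", "read"),
        Request("vendor-svc", "third-party-vendor", False, True, "ticketing-portal", "read"),
        Request("vendor-svc", "third-party-vendor", True, True, "source-repo", "read"),
    ]
    return [engine.decide(r) for r in sample], engine.alerts
```

Only the first request is allowed: the remote payroll clerk passes both checks, while the three requests from inside the LAN are blocked and each leaves an alert.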

This approach to security is essential to addressing the insider threat, where an attacker may already have access to internal systems or may be a malicious or negligent insider. Limiting access to sensitive data and valuable resources makes it more difficult for a cybercriminal to achieve their operational objectives, limiting the impact of a potential cyber incident and increasing the probability of detection before a breach occurs.
