IT operations teams are focusing their efforts on securing their networks and applications from outside threats, but the greatest threat to an organization may be its own users. A recent survey of 500 IT professionals from BetterCloud revealed that 91 percent of IT professionals feel vulnerable to insider threats.
According to the survey, 62 percent believe that the biggest threat they face comes from the well-meaning, yet negligent end user. “They mean well, but they can be careless and unintentionally expose sensitive information. They are particularly dangerous because they have access to critical assets, but lack the training or knowledge to keep sensitive information safe as they do their jobs,” BetterCloud wrote in the report.
Furthermore, another survey from Proofpoint revealed that 67 percent of all highly targeted attacks are carried out against “lower-level employees,” such as customer service reps. Marketing, human resources, and PR positions account for about 20 percent of all phishing and malware attacks.
Further compounding the issue is the fact that 70 percent of users use the same password for nearly all of the web services they use, explained security company Sophos. So for a majority of employees, all it takes is one successful phishing scheme and suddenly an attacker can access all of that user’s services.
BetterCloud also revealed that more than half of IT professionals believe they are at risk due to dangerous insiders, such as employees who have left the company, are planning to leave, or have expiring contracts. Offboarding processes are often sloppy and unorganized, leaving disgruntled employees with access to company systems even after they are gone. Employees may also try to steal data before their access is revoked, BetterCloud explained.
“Historically, companies have relied on perimeter-based security mechanisms like firewalls and intrusion detection systems to keep data inside company walls, but that paradigm simply doesn’t work in the cloud,” said David Politis, founder and CEO of BetterCloud. “Our findings make it clear that in order to combat these rising threats, organizations must expand their defenses by monitoring and managing the user and all of their interactions within the application.”
In addition to careless or dangerous end users, software-as-a-service (SaaS) applications have created a “new breed of insider threats.” According to BetterCloud, almost half of IT professionals feel that use of SaaS applications is also opening them up to vulnerabilities. This is due to a few reasons:
- SaaS applications give users a lot of control, while reducing the amount of control IT has
- SaaS can create blind spots because of hidden security threats that IT teams might not be aware of
- File sharing permissions and configurations in SaaS applications are complex, making it easy to misconfigure them
SaaS applications make it much easier for end users with no knowledge of security best practices to expose data, BetterCloud explained.
“In today’s digital workplace, it’s extraordinarily easy to expose data in SaaS apps. It’s easy to accidentally share a confidential file publicly. It’s also easy to purposely share a confidential file with a competitor. The very beauty of SaaS—the ability to collaborate, the ease of sharing data—is also its ugliest and most dangerous security risk,” BetterCloud wrote.
Unfortunately, only 26 percent of C-level executives and 44 percent of IT managers believe they have invested enough in mitigating these kinds of insider threats. BetterCloud recommends investing in security awareness training, getting visibility into user interactions in SaaS apps, being aware of data and behaviors that might indicate an upcoming insider threat, and having the right tools in your insider threats toolkit.
“Understanding the various leakage points in SaaS is essential in creating safeguards. With the right tools for visibility and remediation, it’s possible to mitigate some of these risks in the digital workplace,” BetterCloud wrote.