Home Security
PC Matic
PC Matic VPN
More Products
Support Unlimited
Identity Theft Protection
PC Magnum
Threat Awareness
How PC Matic Protects You
SuperShield Whitelist
Compare PC Matic
Norton
McAfee
Avast
AVG
Business Protection
PC Matic Pro
PC Matic MSP
Solutions
Allowlisting
Script Enforcement
Device Control
Patch Management
Remote Tools
Integrations
Server Security
Learn More
Resellers
Affiliates
Resources
Case Studies
Compare PC Matic Pro
ThreatLocker
Airlock Digital
VMware Carbon Black
AppLocker
For Federal
Partner Programs
Managed Service Providers
Channel Partners
Affiliate Partners
OEM Partners
Resource Center
All Resources
Case Studies
Data Sheets
User Guides
White Papers
Blog Resources
PC Matic Blog
Business Security
Home Security
Cyber News
Scam Alerts
Customer Service
Home Support
Business Support
Learn More
Getting Started
Knowledgebase
Tech Support Scams
Fake Virus Scams
Tools & More
Ransomware Center
Internet Speed Test
PC Matic
About
Careers
Learn More
Industry Recognition
Leadership
Commercials
Stay Up-to-Date
Newsroom
Blog
Events
TechTalk Podcast
Home Customers
My Account
PC Matic App
Add a Device
Renew Subscription
Business Customers
Business Login
Business Support
Search
PC Matic Shield

Insider Threats

Is your company safe?

When we think of data breaches, the image that often comes to mind is a foreign entity acting with malicious intent. Stories continue to dominate the news of cities and businesses falling victim to the ever growing threat of ransomware. Where are those cyber threats located? Research suggests they could be at the desk next to you.

In a survey of over 1,000 information security leaders, the 2019 Global Data Exposure Report, conducted by Code42, found that 69% of organizations said their breaches came from inside. Some actors were malicious while others were simply careless.

They didn’t mean to

It isn’t just lower level employees putting company data at risk. According to the Code42 research survey, 78% of CSOs and 65% of CEOs admit to clicking links they shouldn’t have. That’s a staggering number.

Last week I spoke with an IT professional who has a “repeat offenders” list at his office. These are employees known for opening anything sent to them. They click links, download files, and go to unprotected websites despite the protestations of the IT department.

Even with increased security training, these employees are still a threat to their company’s safety. They’re now on a list of people who have more blocked on their machines than those who use common sense security processes.

Going back to the Code42 survey, departing employees, even those leaving amicably, can pose a risk. The survey found 63% of departing employees admitted to taking data with them. This can include anything from client lists to source code and can be damaging to a company.

The mass exodus

63% of exiting employees may not sound as big as it is unless you consider the fact that over 40 million Americans left their jobs last year. Our work culture no longer involves being hired for a company and working there until retirement. Employees are likely to jump ship well before the 5 year mark.

With this mass exodus of employees from company to company, the idea that they’re taking and bringing data means much more is being shared than should. This culture isn’t likely to slow down any time soon. The solution is to safe guard company and customer data more closely than previously done.

One feature that PC Matic Pro offers to help combat this is a USB blocker. An administrator can stop any outside device from being connected to the machine via USB port to transfer data. It’s protections like these that are lacking in current security suites used by businesses.

And not all employees transferring data are acting maliciously. There’s a general lack of understanding of intellectual property and who it belongs to within an organization. It’s up to employers to make that clear to both incoming and outgoing staff. Anything created for the company belongs to the company, not the individual creating it.

Those who mean to do harm

On the flip side, there are employees, both exiting and current, that are looking to do harm. In some research I did on ransomware trends, I found that there are programs for purchase on the dark web that will hold your hand through the creation and deployment of ransomware and malware. You don’t have to be tech savvy to launch an attack.

Even without the creation of malware, some disgruntled employees have permissions they shouldn’t have. Most companies are empowering their employees to work and create, which is wonderful (have you ever had a micromanaging boss? I have, it’s awful, and the reason why I scooted out of that place quickly.) Without the proper security measures in place, however, the company is leaving itself open to theft and attack.

What to do

In the end, company security comes down to vigilance and diligence. Creating a company culture of empowering, educating, and respecting employees can go a long way toward making them feel ownership of the company’s security. Most employees want to do a good job and want to provide their company with excellent work. When they feel trusted and empowered, they’re more likely to exude those positive, security minded traits.

And for those who aren’t the most altruistically minded, setting up a system of security protocols with checks and balances can help protect the company. At the end of the day, a well protected company is job security for us all.

Stop Responding to Threats.
Prevent Them.

Get Protected

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles