It’s growing exponentially as the cloud pushes data ever further across ever-larger networks, necessitating increasingly complex access arrangements. And the result, according to data from ID Watchdog, is that a whopping 60 percent of data breaches in 2020 were connected to or resulted from insiders.
Here’s an example to show the scale of the problem. Eighty-one percent of data breaches start with a stolen or weak login credential – because passwords are just too easy to compromise. Every time a major attack hits the headlines, with user data spilling out onto the internet like oil from a tanker, chances are some of your employees’ passwords are in the flood.
If they reuse those passwords across multiple sites (which a recent Google survey suggests around two thirds of them do) then your systems are at risk. All it takes is for an attacker to buy an employee’s login details from the leak, connect that person with your company, try their details on your system – and the digital door swings wide open.
To make it worse, there’s nothing in that process that would trigger traditional security systems – so your newest ‘employee’ could theoretically wander around inside your systems undetected for days on end.
The risk associated with employees doesn’t stop at the weakness of traditional passwords. One-time password (OTP) systems briefly offered a solution, but as attacks have grown more sophisticated, OTPs sent by legacy systems have become vulnerable to interception, phishing, and man-in-the-middle attacks.
And of course, all this assumes the employee is an innocent party. But in most cases, ‘insider threat’ means a breach of trust rather than a breach of security. The reality is that malicious activity does happen – whether for financial gain, in response to perceived mistreatment, or in service of a new employer. Unless identity services are up to the challenge, movers and leavers can retain access to sensitive data for far longer than they should.
So, the question for mid-market businesses is: what to do? The temptation can be to do the cloud equivalent of locking everything into a big chest, behind a gate, over a drawbridge, digging a moat, and then requiring a different kind of ID to get through each barrier. Then, you think, our information will be secure.
The problem is, if your ID management is too good, it stops your employees from doing their jobs. Nothing brings productivity grinding to a halt quite like the inability to quickly open your documents, share information with other departments, or copy numbers from a spreadsheet into an email. Blanket OTP systems are already widely unpopular with many employees, forcing them to break away from their tasks at random intervals to convince their suddenly suspicious email servers that they are, in fact, who they say they are.
Somewhere between these two divergent business needs – for security and usability – there needs to be a better way.
Thankfully, it’s not just the attackers who’ve been getting increasingly sophisticated. As businesses shift to the cloud, building larger, more complex data landscapes, security technology is evolving to match. Businesses need to take advantage of these developments to create a Zero Trust environment, starting by protecting threats on the inside and working outwards, rather than vice versa.
Through intelligent, autonomous technology, businesses can implement systems that analyse far more than just a password or one-time code to determine whether a particular user gets access to a particular system. As cloud moves security closer to the user, IP addresses, past behaviour, endpoint ID, even geolocation and the time of day – all these data points can be gathered and analysed by an intelligent identity-as-a-service platform, and then used to decide on the spot whether an access request should be granted.
If for example, a mid-level sales executive from Basingstoke suddenly inputs their password from a township in Belize at two o’clock in the morning and tries to access the finance team’s file server – the system will spot the risk and lock them out until checks can be undertaken. That’s an extreme example, but an advanced, autonomous identity system can carry out thousands of these checks simultaneously, identifying and isolating much more subtle risks at speed.
That’s not to say that passwords and multi-factor authentication should be ditched altogether. Belt and braces is always the best policy when it comes to data security. To ensure they’re fully protected, companies should move controls closer to the user or device, reduce services delivered from DMZs and make sure users are segmented from the data centre network.
But it is to say that there’s a more nuanced, unobtrusive way to elevate security levels that doesn’t make employees feel like they’re constantly being locked out of essential systems. The key ability for businesses to invest in is autonomous, AI-backed detection and response. That way, if the business is logging all user and application layer activity, their systems will be able to rapidly integrate threat data from every possible entry point (not just end-user devices or emails) and take appropriate action faster than humanly possible.
As cloud-native business increasingly becomes the norm, anything less is undeniably a risk. Either to employees’ productivity – or to organisations’ data, reputation, and business viability.
Gartner infographic.
Critical cyber security challenges.
How XDR is changing the game.
The insider threat that caused the security vs usability conundrum.
How a consolidated approach works.
Key insights and recommendations from Gartner.
Find out in this recorded webinar
The what, why and how of SASE
5 steps for defence
What they are and how to get them right
and how to overcome them
"The biggest cyber threat facing the UK"
![[Video] Plan smart: The future is SASE](/media/2slftnzv/shutterstock_707491003.jpg?anchor=center&mode=crop&width=900&height=650&rnd=133050302868900000)
The perimeter is no longer “entombed in a box”
Freedom. Visibility. Protection.
with this all-in-one solution
The state of the UK’s cyber security response
View white paper
Zero Trust and Beyond
How to protect your users with email security
Easing alert fatigue
Protect your data in the cloud
Things to consider
Threatening your business?
9-5 attention no longer cuts it
If it's left behind the cybersecurity curve
Protect your data in the cloud
Share this story
To find out more about data in the cloud, please contact one of our specialists
Here’s a single security platform that seems to provide all you need to protect your business from cyber attack and, refreshingly, they don’t put it all down to AI.
Learn MoreLet us know what you think about the article.
Let us know what you think about the article.
We're a community where IT security buyers can engage on their own terms.
We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.
