Employee data continues to be a leading target for criminals and 60% of attacks are carried out by insiders. Despite this startling statistic, 61% of organizations don’t monitor privileged users more closely than regular users. And as retailers are gearing up this holiday season for massive profits, so is the inside threat. The latest target is Nordstrom where it was just announced that employee names, Social Security numbers, birth dates, bank account numbers, salaries and other information was breached by a contractor.
Customer data was not affected in the breach that took place on October 9th and there has been no evidence that the information has been used inappropriately yet. Authorities are investigating and the vulnerabilities that led to the breach have been closed. Nordstrom immediately notified its employees about the breach and has been commended for its transparency.
It also just happened at the Chicago Public Schools (CPS) where a fired employee allegedly stole the personal information of approximately 70,000 in the CPS database. This included personal information about employees, volunteers and others, including names, employee ID numbers, phone numbers, addresses, birth dates, criminal histories and other records. After copying the information, the former employee then allegedly deleted the database off of CPS’s systems.
Whether data is exposed inadvertently or part of a malicious breach, the inside threat is real. Often times, companies have a difficult time determining if a worker is doing their job or accessing information in a malicious manner. The lack of Audit trails makes it especially difficult to uncover the inside threat in HR systems.
But now there is a way for you to secure your HR data by taking advantage of the same firefighting capabilities that you use with SAP ERP. Pathlock ResQ for SuccessFactors monitors for high-risk activities and provides a complete audit trail. Click here to view the 30 minute on-demand webinar: Firefighting for SuccessFactors and other Cloud Applications: What You Need to Know.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.