by Jasmine Chennikara-Varghese, Pathlock Technologies
Employees are perhaps one of the most challenging security risks to the modern business landscape. Insider threat comes from those authenticated and authorized users performing potentially damaging activities from within your trusted landscape. While keeping the bad guys out is critical, the insider threats are harder to discern and happen even with the best security.
Who are these insiders? They are current or former employees or third-party users whose access into your critical systems, whether on-prem or in the cloud, is a security risk. The reality of having access to critical business systems makes their accounts vulnerable to compromise and privilege escalation by internal or external attackers. In many organizations, privilege escalation happens under the radar though privilege creep whereby employees end up with more access than needed as they cycle through the organization with different job roles and responsibilities. Then there are third-party users such as vendors, customers or consultants who share accounts or require admin level rights to perform certain activities on behalf of the organizations. Eventually when their employment, contract, or project ends, often the access is not terminated in a timely manner due to lack of an effective offboarding process, making departing insiders a significant risk.
A critical step towards containing insider threats is to understand your users and their access inside your applications. You need to know:
Addressing the risk of insider threat requires a multi-prong approach including a compliant, auditable automated process for managing and monitoring access.
Find out how Pathlock can help you mitigate insider threat by managing access rights and tracking user activities.