Back to Blog

The Top Insider Data Loss Causes and Preventions

Jan 5, 2022 | Blog

Companies are reporting sharp increases in data loss spurred by remote and hybrid work. How is this occurring with all the security measures and tools enterprises have in place? Insider privilege abuse and data mishandling are cited in multiple reports as growing causes of data breaches and incidents, outside of hacking and external threats. Read on to discover the top 10 ways insiders are contributing to data loss in your organization and how to prevent data loss and mishandling in the first place.

The Top 10 Insider Data Loss Causes

Data breaches and security incidents are no longer just the domain of hackers. The uptick in collaboration tools and remote work has spurred a new threat vector – your trusted insiders.

According to the definitions in the 2020 Data Breach Investigations Report: A security incident refers to a violation that compromises the integrity, confidentiality, or availability of an information asset. A data breach is an incident that results in the confirmed disclosure—not just potential exposure—of data to an unauthorized party.

Just how is insider data loss occurring? According to a study by IBM, employee or contractor negligence (64%) is the lead cause of most insider incidents, followed by criminal malicious users stealing information for personal gain (23%) and credential theft, a.k.a. imposter risk (14%).

Here’s a few of the top insider data loss causes cited by various reports:

  1. Personal Information (PI) sent to wrong recipient (email, mail or other)
  2. Unauthorized disclosure (unintended release or publication)
  3. File uploads to personal cloud storage services (shadow IT)
  4. Unauthorized disclosure (failure to redact)
  5. Printing sensitive information (wrong printer, at home)
  6. Viewing sensitive data in a public place (café, airport/airplane, etc.)
  7. Copying sensitive files and/or IP to USB drives
  8. Saving sensitive data to home office network attached storage
  9. Taking a photo or screen shot of sensitive information and/or IP
  10. Employee/user credential theft (imposter risk)

How to Stop the Top 10 Data Loss Scenarios

Collaboration is essential to business. They key is to balance collaboration with adequate security. To do this, organizations need to assess what data an employee needs access to in order to do their job. But it doesn’t stop there. They also need to determine what a user should be able to do with that data if they are granted access to it, to stop negligence, misuse and loss.

1. Answer These Key Data Access & Handling Questions

  1. Where is sensitive data stored? One or many repositories?
  2. Who has access to company sensitive data? Should they?
  3. If they should, then what should they be able to do with it?
  4. Should they be able to edit it, or should it be read-only access?
  5. Should they be able to print it? Save it? Copy and paste it?
  6. What about sharing or emailing it? With whom?
  7. How should documents be shared?
  8. Can they email an attachment, or should you force them to share a link to a secure sharing site?
  9. Do you need to audit sensitive data access and handling?

2. Adopt a Proactive, Zero Trust Security Posture

While companies identify data security and applications as some of their biggest areas of concern, many are still relying on user training and reactive, behavior monitoring and perimeter-based technologies to protect them from this new threat vector – trusted employees with legitimate access to applications and systems.

While these technologies serve an important purpose, they don’t address application and data security, data handling and compliance risks – and simple human error. To effectively protect against these risks a new, proactive approach is needed.

The good news is a modern and more effective methodology already exists. The concept of “Zero Trust” in security has been around for a number of years. Simply put, the Zero Trust approach dictates that you must verify and validate each action, every time, in context, to the level needed to meet the desired level of confidence for a decision: “Trust nothing implicitly, and verify everything you can, every time you can.”

Zero Trust comes down to verifying and validating each step, each action, and each element needed in order to satisfy the underlying needs – whatever they are.

3. Trade in RBAC for ABAC

The traditional approach to data security relies on Role Based Access Control or RBAC. This is where network access is restricted based on a person’s role within an organization.  The user’s role determines which permissions the system grants to the user. Users are only allowed to access the information and perform actions necessary to carry out their duties.

Attribute-based Access Control, or ABAC is a newer, more dynamic security methodology based on the combination of User, Environmental and Resource Attributes. It evaluates the attributes of a user, their security clearance (or role), their location, the device they are using, as well as the sensitivity level of the document they are trying to access to approve or deny access. It offers more granular and contextual security.

For example, when working in the office, you should be able to access documents, make changes to them, print copies, copy text and images, etc. But if you’re in a coffee shop on Wi-Fi and where other patrons will likely have a clear view of your monitor, access can be denied or limited to a read only view because the environment is not considered secure.

Pairing a data-centric zero trust security approach enforced by ABAC ensures appropriate checks and balances are enforced, and that they are relevant to the sensitivity of the data – in the context of whatever the access or sharing scenario is.

Want to adopt proactive data security that stops data loss and delivers benefits rapidly?

archTIS offers zero trust ABAC-powered data access and protection solutions that provide immediate benefits and return on investment, while empowering secure collaboration. Contact us to get a conversation started.

Share This