How to Prevent Superusers from Leaking Data
16.09.2021
In the vast majority of companies, work is structured according to a hierarchical principle: from top management to ordinary employees. Everyone has their own area of responsibility, everyone does their job. It is clear that the company's management interacts with more important and confidential information. Privileged users or so called superusers are often targeted by hackers, and some, using extended rights, can use information not only for business purposes.
According to statistics, the main cause of data leakage is the human factor, which accounts for 95% of all incidents. It has long been no secret that it is not hackers who are most often to blame for information leaks, but the employees of organizations themselves.
According to the results of a research on the threat of information leakage by company employees, 90% of the companies surveyed over the past year did have leaks of confidential data, such as information about employees, documents on the company's financial transactions, databases with customer data. Most of the leaks occurred due to a deliberate leak of data from the company's superusers, the rest was due to inattention and gullibility.
The risk of loss or leakage of information grows exponentially when stuff members are transferred to a remote work format and it becomes much more difficult to control employees' actions. Particular attention should be paid to department managers, managers, employees of the company's information security department, because they have access to the most important data. Also, some accidents happen due to the fault of the quitting employees, who, for their own reasons, may take the confidential data of the company with them.
Speaking of leaks, we should also mention an internal data leak - unauthorized copying of data by company employees. It is impossible to completely protect the organization from such incidents, but the risks of an accident can be significantly reduced. To do this, you need to regulate the use of data for employees:
- establish responsibility FOR the disclosure of information;
- draw up relevant documentation, for example, a non-disclosure agreement;
The company should introduce a regime for protecting commercial secrets, prepare documents that clearly state what information is a commercial secret, who and how is obliged to protect and transfer it and what measures will be taken in relation to the violator. Such agreements must be signed not only be the employees, but also by contractors and intermediaries.
- provide access to information in accordance with the hierarchy and responsibilities of employees;
The easiest way to secure valuable information is to delimit access to data and give employees only the data they need to work. For example, to give the manager not the entire database, but only the contacts of the clients he interacts with, to give the smm-specialist information not about all the projects of the department, but only data on social networks and platforms necessary for creating content.
- to enhance control over those employees who, by the nature of their work, have access to and often work with confidential data;
- control communication channels using special systems.
In this case, "special system" means DLP installation. A DLP system (data leakage prevention) is a software solution that monitors the transmission of data across all communication channels, it can prevent an attempt to transmit data to outsiders.
As an example, let’s consider Falcongaze's SecureTower, a popular DLP system on the market that has won customers' trust. SecureTower checks all info transactions in real time, blocks suspicious actions, notifies the security service about it, monitors attempts to transfer information to outsiders, and also:
- monitors the actions of unauthorized users in the system;
- controls the printing / transfer of files to devices;
- controls / limits access of USB and other external devices to the system;
- recognizes text, audio and video files, records from the computer screen or microphone.
The indisputable advantages also include:
- 2in1 system (employee control + protection against leaks);
- server requirements are lower than those of competitors;
- free test of the system on Falcongaze equipment;
- training and assistance in finding information leaks;
- system integration in 1 day.
Solving the issue of access to data with unprivileged users usually does not seem to be a problem, here, more likely, competent management is required than technical solutions.
Data leakage through the fault of privileged company employees is not such a rare problem, but an important vector of cyber threats that requires appropriate measures to prevent accidental or deliberate loss of confidential information. Senior management is encouraged to develop a plan to implement the required information security processes and software, and to address vulnerability testing of an existing system.