Christopher-Morrison-Response
Christopher Morrison posted Nov 7, 2017 8:44 AM
Insider threat continues to be one of the largest threats to a company’s security. According to IBM’s 2016 Cyber Security Intelligence Index, 60% of all cybersecurity attacks were carried out by insiders, and three quarters of those attacks involved malicious intent (as cited in van Zadelhoff, 2016). Insider threat is the threat that an insider will use their authorized access, wittingly or unwittingly, to do harm to the security of an organization (Committee on National Security Systems, 2015). Currently, Sifers-Grayson does not have the resources in place to reduce the risk of insider threat, which is a vulnerability that needs to be mitigated.
Investing in an Identity Governance and Administration (IGA) solution is the best way for Sifers-Grayson to address three of the most important areas of concern: account management, separation of duties, and access management. Account management is needed to ensure all active user accounts are necessary and documented. For example, when an employee leaves the company, their account needs to be disabled to ensure they no longer have access to systems. Additionally, the accounts need to remain secure, and an IGA system can provide a central location for password management (Graph Identity, 2015).
Separation of duties “restricts the amount of power held by any one individual” (Gregg, Nam, Northcutt, & Pokladnik, n.d.). It requires more than one person to complete certain tasks. It is important in an organization to ensure no single user has the ability to bypass security measures in place to carry out or conceal prohibited actions.
Access management is possibly the most important control for an organization, and role-based access control (RBAC) provides the best solution. RBAC “restricts network access based on a person’s role within an organization,” with the roles referring to the different levels of access (Zhang, 2017). As a person changes positions within the company, their role can be changed to ensure they maintain only the proper amount of access. Additionally, by labeling data by its sensitivity, roles can be configured to ensure only individuals who need access to the information get access.
Managing employee access to company data is an important part of information security. By implementing an IGA solution, Sifers-Grayson can reduce risk by gaining additional levels of security throughout the network.
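As an added illustration of the three controls the post describes (this is example code, not part of the original post and not any vendor's IGA product): a small Python model that disables leavers' accounts, refuses role combinations that violate separation of duties, and makes RBAC decisions against sensitivity labels. The role names, labels and the conflicting role pair are assumed for the example, not Sifers-Grayson's actual roles.

```python
from dataclasses import dataclass, field

# Sensitivity labels, lowest to highest (constructed for this example).
SENSITIVITY = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}
# Highest label each role may read (assumed role names, not Sifers-Grayson's).
ROLE_CLEARANCE = {"engineer": "internal", "finance_clerk": "confidential",
                  "finance_approver": "confidential", "test_lab_lead": "restricted"}
# Role pairs no single account may hold at once (separation of duties).
SOD_CONFLICTS = {frozenset({"finance_clerk", "finance_approver"})}


@dataclass
class Account:
    user: str
    roles: set = field(default_factory=set)
    enabled: bool = True


class Directory:
    def __init__(self):
        self.accounts = {}  # account management: every account is tracked here

    def assign_role(self, user, role):
        if role not in ROLE_CLEARANCE:
            raise ValueError(f"unknown role {role!r}")
        acct = self.accounts.setdefault(user, Account(user))
        # Separation of duties: refuse a role that conflicts with one already held.
        for held in acct.roles:
            if frozenset({held, role}) in SOD_CONFLICTS:
                raise ValueError(f"{user}: {role} conflicts with {held}")
        acct.roles.add(role)

    def change_position(self, user, new_role):
        # A position change replaces the old roles so access does not accumulate.
        self.accounts[user].roles.clear()
        self.assign_role(user, new_role)

    def offboard(self, user):
        # Leaver: disable rather than delete, so the record stays for audit.
        self.accounts[user].enabled = False

    def can_read(self, user, label):
        # RBAC decision: the account must be enabled and hold a role cleared for the label.
        acct = self.accounts.get(user)
        if acct is None or not acct.enabled:
            return False
        needed = SENSITIVITY[label]
        return any(SENSITIVITY[ROLE_CLEARANCE[r]] >= needed for r in acct.roles)
```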