Lead Image © Seasons, 123RF.com

Lead Image © Seasons, 123RF.com

Insider Threats


Article from ADMIN 47/2018
In the sys admin chagrin basket, users are the greatest source of our collective distress.

In the sys admin chagrin basket, users are the greatest source of our collective distress. Users click on phishing email messages, they download malware, they spend countless hours on those universal privacy leaks, known colloquially as social media sites, and they insist on trying to unravel our most sophisticated and well-executed security measures. In a word, users are a necessary evil.

We can't tie their hands. We can't unplug their computers or disable their WiFi connections. We can't place a force field around their laptops. And we can't seem to successfully educate them in the ways of safe computing. They are insiders and they are a persistent threat. And we can only hide for so long behind unanswered email, ignored phone messages, and the occasional walk by. We are doomed to deal with this insider threat and no amount of procrastination or advanced Jedi mind tricks will relieve us of our duty of protecting the user – even if it's from themselves.

Taking a soft approach to cybersecurity is one sure method of guaranteeing that you will experience a breach. You can't allow users to determine when they'll install Windows updates, when they'll decide to update their anti-malware software, or when to use multifactor authentication on web-based financial transactions. The soft security approach is better than any virus, adware, spyware, trojan, or worm at compromising your security. Hackers and advanced persistent threat (APT) organizations love IT and security folk who aren't serious about security. They love users who aren't trained. They love C-level executives who haven't been warned about whaling. And they really love systems that are behind on patches.

You can provide the latest and greatest security technology and spend hundreds of hours and tens of thousands of dollars per year on gadgets, on software, on third-party consultants, and on internal audits that will have absolutely no value if even one user clicks on some new email-borne

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus