Skip to main content

Employee Security Breaches Are On The Rise – What Can You Do?

By March 12, 2016March 6th, 2023Blog, Cybersecurity

employee_security_breache_121323_222832Hardly a week goes by that there’s not some or other high profile hacking attack or data breach in the news. These headline making attacks get the lion’s share of the attention because of their scope and scale, seeing the hackers making off with sensitive personal and financial information of hundreds of thousands, and often literally millions of users in a single swipe. What doesn’t make the news, but is every bit as bad a problem, are the smaller scale attacks that come from the inside. Employees who inappropriately access protected customer information in smaller batches in ongoing attacks that can go completely undetected for months, or even years.

The problem here stems mainly from improper levels of access control, and lax, or nonexistent enforcement policies where data access is concerned. The good news is that there are a number of things you can do about this problem, starting today.

First and foremost, you’ll need to conduct an end-to-end review of your current data access policies and procedures. For example, many doctor’s offices allow all staff to access all patient data, even though in practice, most of the staff only needs access to a tiny fraction of the total patient data available in order to perform their job function. Here, it comes down to putting new gateways in place, and instead of treating a patient record as a single entity, to break it into discrete chunks, and assign access to each piece individually.

Hand in hand with that, of course, must be an access log which is audited on a regular basis to check for improper access, and policies to outline both the new procedures and the consequences for breaking them. Many companies are also finding success with “whistleblower policies,” that protect employees who spot and report suspicious data access.

The bottom line is that these issues are real, and potentially just as threatening to the future of your company as the successful breaches that make the headlines. The good news is that you’ve got a much better chance at preventing them, provided you’re willing to invest in the technology and infrastructure to make it happen.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.