Thwarting Insider Threats
Insider threats are difficult to see and even harder to acknowledge for most organization. “How could our own people be a threat to us?” Yes, this is exactly the type of attitude that leads to successful insider threat actors.
Many insider threats come from trusted employees, which is something most employers don’t consider. It’s hard to imagine that a trusted employee of the organization could be the one that steals a password worth millions. Insider threats can also come from temporary employees, contractors, unwitting employees, unwitting customers, and more.
Common insider threats.
One goal of attackers is to shield their identity during the attack – don’t want it being traced back to them. For someone who already has access to your network, this means phishing for another employee’s information. It’s suspicious for one employee to ask another for their credentials. Therefore, many times the employee waits for a user to leave from their computer. The attacker then goes to the unlocked computer and quickly sends data using the logged in employee’s information. This gives the attacker free reign to network data, while identity is still protected.
Most organizations have some sort of weak “inactivity lock” policy in place. When a user leaves their workstation, they should lock their PC so that no one else can access the desktop freely. But, this policy only works if everyone remembers to lock their computer. Unfortunately, most employees will forget to lock their computers and will leave them open.
Not only does an unlocked computer leave your network open to insider threats, but you also risk allowing outside attackers access to the machine. Tailgating is common when attackers want to gain access to your premises. They follow an employee through a secure door with the employee’s official badge. The employee thinks they’re just being polite. But in reality, they allow a potential attacker access to computers.
Protecting desktops – the main chokepoint.
Tripwire reported that insider threats are the biggest cyber security concern in 2017. Google filed suit against a former engineer who allegedly stole 14,000 files from them. the engineer then took the files directly to his new employer: Uber. This is just one example of a large-scale insider threat. But, this can happen to businesses of all sizes.
The main challenge is that most organizations must allow their employees enough access to be productive, while still limiting access to only files and applications necessary to do their job. This is known as the concept of ‘least privilege’. IT admins can rely either on users to lock their computers, or take a more proactive approach that doesn’t interfere with their workflows. IT admins traditionally place a lockout policy on the workstations. But it’s usually at least ten minutes before the desktop locks. This leaves too much time for an unauthorized person to access the workstation.
An alternative solution is to have a mechanism that auto-locks the desktop when the user leaves. The automotive industry already uses this advanced technology to auto-lock cars when the owner walks away. This is a much more user-friendly access control solution that can be adopted in more situations. And now you can do the same with your employees’ PCs, Macs, websites, and desktop applications.
Read about more vulnerabilities stalking your corporate network.
Automatically Lock Computers
GateKeeper Enterprise provides IT admins with a solution to auto-lock employees’ desktops. The user is given wireless security token that they carry with them. When users walk away, their computers lock, and when they move into range, GateKeeper automatically verifies their identity and presence for anticipatory 2FA. You can set the lock range, so the computer locks when the user is near or far from the computer.
This solution protects computers from outsider threats from tailgating and any malicious attacker who can physically gain access to a computer. IT admins can still set auto-lockouts on the computers. However, GateKeeper accounts for human error, which can cause immeasurable productivity losses. Lock and unlock with ‘just-in-time’ accuracy.
Strong 2FA login.
With GateKeeper Proximity, user productivity is enhanced because users can access their desktops and websites faster, but with 2FA. You still need other security logs and procedures in place. But GateKeeper stops the threat of unauthorized data theft based on someone accessing any unsupervised workstations, no matter where users are.
GateKeeper comes in two different security token type options:
- The GateKeeper Halberd is a hardware token that is carried like a car key.
- The GateKeeper Trident is a mobile app (software token) that can be downloaded to turn your phone into your password key.
Both key options can lock and unlock your home computer, work computers, websites, and desktop applications. The Trident app turns your 4.0 Bluetooth Android or iOS device into your authenticator token.
In addition to keeping your computer safe when you step away at a busy co-working space, GateKeeper 2FA has a more uses:
- You keep forgetting your password, only to reset it again to something you think you’ll remember next time. Except you won’t. You will forget again!
- You forget to lock your laptop when you leave for the restroom.
- Even your offices with a security guard and keycard access—you never know who could be sneaking around.
It’s too easy for someone with bac intention to get ahold of your private data. Especially if you have a bad habit of leaving your laptop unlocked. Let’s take away that risk. Visit gkaccess.com to learn more about how we save time while securing your passwords.