Is your business at risk from a trusted employee?

All businesses, regardless of their size, depend on their employees. Trust is foundational in ensuring the business operates as required, customer needs are met, and intellectual property or regulated data is protected. While many companies focus on protecting the business from external exploitation, the possibility of exploitation by insiders is often overlooked.

Both Twitter and Trend Micro reported in November that they had fallen prey to malicious insiders with legitimate access to sensitive company information. In both cases it appears that the companies did not discover the misuse through their own measures but became aware of it through third-party sources, long after the unwanted activity began. Alarmingly, Trend Micro is a cyber security company, which goes to show that even the best can be taken advantage of. Insider incidents are not new and are thought to account for one-fifth of all data breaches.

In the case of Trend Micro, the company indicated that 68,000 customer data records were provided to a third-party source, who used the information in an attempt to scam Trend Micro customers. In the Twitter leak, information pertaining to individuals who were hostile to the current regime was being provided to the Saudi government and royal family. In both cases motivated employees provided the privileged information.

So what impact could a data breach have on your business? According to IBM, the cost of remediating a data breach in a small to medium business (SMB) with fewer than 500 employees averages $2.5M, or 5% of annual revenue. Regulated data, such as in the case of healthcare, averages $429/record, so the overall cost to remediate the issue could be significantly higher. Beyond cleanup costs, a data breach can be devastating to a company’s reputation, and the resultant loss of business can overcome many companies.

There is tremendous focus on the right tool set being the answer to complex information security issues. While investments in software, hardware, personnel, and training are all pieces of a complex puzzle, detailed processes and procedures are as critical as all of the other investments, and without them all investments are rendered ineffective. To many technical staff the tools are exciting, but the processes and procedures that ensure the tools are generating manageable alerts for support staff may be viewed as ominous and are never fully implemented.

Without a proper implementation, events are often generated and logged to some database server while alerts to supporting staff are never generated, or there are so many alerts that the support staff becomes overwhelmed and responds by silencing or ignoring them. When a third-party source such as law enforcement contacts the compromised company and an incident response team is hired to investigate the breach, logs of malicious activity are often found tucked away on some database server that was never configured to alert support staff. Many times the malicious events have been ongoing for months to years.

Ask yourself or your employees:

How does the company monitor security alerts?

Is privileged user access to sensitive data audited on an ongoing basis?

Does the company use an internal audit function that is outside of the information technology group or use 3rd party resources to review security?

Are processes and procedures reviewed on an ongoing basis by an independent audit function?

Are the processes and procedures updated on an ongoing basis as the business and technology change?

Does the organization perform regular incident response testing for data loss, systems outages, component failures, or other potentially business-disrupting compromises?

In the case of Twitter and Trend Micro, a simple ongoing audit of privileged user access may have identified the malicious activity at its commencement, saving time, reducing reputational risk, and significantly improving the company’s security profile.

Network Management Solutions has been helping organizations since 1996 to establish sound information technology networks, systems, processes and procedures. Please call us at 908-232-0100 for a confidential consultation on how we can assist your business in managing the security of its information assets in a continuously changing world.

How To Select A Managed Services Provider

You have a growing business that relies on computer-based technology. What do I mean? Well, computers, operating systems, servers, networks, internet connections, cloud infrastructure, and data sharing applications. Yeah, it all sounds overwhelming and jargon-filled, but you need these things to run your business.

You have been getting by with support from an internal resource or two who have a little information technology experience but maintain other full-time responsibilities within the business. You might also use an outside resource at your internet service provider or local computer store. You know it’s not efficient, it’s a drain on your internal resources, and problems seem to fester. It’s time for a change, but what’s next?

This article is intended to help guide you towards a solution that will free internal resources from ad-hoc IT tasks and enable your employees to focus on their intended functions, as well as help you to have a problem management process and a secure technology infrastructure that most effectively supports your business.

Introducing the Managed Services Provider, or maybe you already have one, but it doesn’t seem to be working out. Hopefully these steps will set you on a path towards solving the dilemma and keeping your IT systems and information secure and in top shape.  

  1. Identify your infrastructure. Identify what internal and external infrastructure exists that supports your business. What I’m talking about are computers, servers, network connections and applications. If you’re not quite sure how to gather this information, many Managed Services Providers will assist in the process through an information technology assessment. An information technology assessment should be routine to an MSP and some will credit the cost of the assessment if you decide to sign up for their ongoing services.
  2. Identify your service needs. Decide what elements of the overall internal and external infrastructure need oversight. For example, if you host an internal email server or database server, is this something a third party could take on the management of? Do you require proactive management of network connections, servers, and applications, or do you just wait until they fail and scramble to identify where the problem is? Perhaps our IT problems page or evaluation checklists can help you come up to speed and refine your approach.
  3. Assemble your business requirements. Now that you have a clear understanding of the components in your infrastructure and service requirements, such as proactive monitoring of critical systems, problem management support, support hours and response times, document these items as they will be critical in moving forward towards a decision on a new Managed Services Provider.  
  4. Interview potential Managed Services Providers. Find out what services each company provides and how they map to your business requirements. Do they have the staff, experience, and hours of coverage to support the business requirements; can they respond in the required timeframes; do they provide ongoing updates on service outages, or operating systems updates and patches?  Is there a standard service level agreement that defines how issues are managed and can it be customized to support your specific requirements?  Identify the cost of services for supporting your current requirements as well as the costs as your business and infrastructure grows.
  5. Select a Managed Services Provider. Establish clear service level agreements defining services provided, operating procedures, response time agreements, as well as key contacts and escalation procedures. Also establish the ongoing reporting provided by the Managed Services Provider and have the reports customized to meet your specific needs.
  6. Review ongoing performance. Review reports provided by your Managed Services Provider and compare them to your service level agreement. Most importantly maintain an open and honest dialogue with your Managed Services Provider. Clear open communications will foster the results you are looking for while strengthening the partnership and mutual respect and trust in the business arrangement.

Network Management Solutions has been providing custom information technology solutions since 1996 for large, mid-sized and small businesses. All of our services, including our Managed Service Provider solutions, are customized to support our clients’ business needs. For more information please call us at 908-232-0100, and also reference our online questionnaires and toolbox.

Network Management Solutions, www.nmscorp.com. Please reach out; we want to assist you in making your business better.