Data theft or loss by employees is a reality no one can deny. The cost of one such internal breach at Bank of America was 10 million USD. According to a study by Verizon, almost 20% of the all the data breaches are considered insider misuse events where an employee may have stolen the company’s confidential information to profit from it.
Who can cause the internal data leaks?
It is not just the employees who are directly responsible for the loss of data from internal sources. Many times an unauthorized person may steal the data from an unattended workstation. This often happens in a shop floor situation where the operator may need to leave the machine for a short period of time without locking the access. This short period of time may be enough for someone (a janitor or another employee) to plug in a USB drive to steal the valuable information from that terminal. It is not only the threat of data theft that is of concern here. Unauthorized devices may be infected with viruses and malware that may sneak into the company’s network and spread havoc across the organization. In fact, a targeted malware attack can be made using such devices and making use of social engineering with unsuspecting employees. And not only USB drives but CD, DVD, and other media can also be utilized for this purpose.
Where can these internal leaks occur?
The threat of Data theft from within the company’s network is compounded by the unsecured end points such as USB drives. These devices make it easy to copy data onto them, without anyone noticing it. These days, it ‘s hard to control the entry of mass storage device into the premises. The popularity of laptops in the corporate world is not making this any easier. In fact, the combination of smartphones and laptops has multiplied the problem several times. They can connect via not only USB but also Bluetooth and Wi-Fi using freely available apps for data transfer between the two. Thus it is not sufficient to just block the USB device. Other channels of inter-device data transfer such as Bluetooth and Wi-Fi of each laptop, also need to be secured to ensure data loss prevention across the organization.
Endpoint protection systems, such as Seqrite Endpoint Security, provide advanced device control features to protect the enterprise against unauthorized access via internal devices such as USB drives, CD/DVD-ROMS etc. to ensure that data leaks are stopped and unapproved data does not enter the network. The solution allows for the creation of security policies with varying rights. It can completely block the access to USB drive or allow read-only access to prevent any company data from getting copied onto the drive. The exceptions can be added to allow particular employee or group to have full access to USB device to ensure the smooth running of business operations. The advanced device control feature secures all USB devices and also other internal devices such as Bluetooth and webcams so that oblique methods are not allowed to transfer data.
The solution also detects and scans the endpoints for any confidential data present in the removable devices. Seqrite Endpoint Security also allows temporary access to removable devices based on policy. It implements a One Time Password based system to ensure that access remains temporary and can only be used by the authorized person.
The protection software is capable of sending notifications the moment an unauthorized device is accessed. The solution provides dashboards and detailed reports with information on devices that violated the policy and the users who breached the same, along with their name, time information and network location of the breach.
Data loss at internal endpoints does not seem obvious to the organizations. After all, the organizations need to entrust employees with confidential data, if they have to succeed in their role. However, repeated attempts of data stealing prove that employees can and do misuse the information they are trusted with. To reduce and practically eliminate the chance of data leaving the organization through endpoints such as USB and Bluetooth, Seqrite’s Endpoint Protection serves as an excellent solution.