SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Guardians of data: Who watches over our information
Wed, 13th Dec 2017

Businesses are now at a stage where employees can work from any location at any time with just a laptop and Wi-Fi. Whether staff are working from home or across the globe, one thing business executives cannot live without in a technology-driven era is a skilled and dedicated IT team. IT professionals are responsible for keeping technology working throughout the office every day, as well as keeping cybersecurity up to date in order to prevent security breaches within the organisation. IT teams are indeed the guardians of a business's data and sensitive information, and they are in charge of making sure it does not fall into the wrong hands.

Last year alone, Australians lost over $2 million to hackers trying to access personal information. To curb this, the Australian Federal Government passed legislation that requires companies that make over three million dollars a year to notify the government in the event they are breached.

The implementation of this law can cause financial and reputational damage to organisations that do not take their security seriously. To avoid this, businesses must first manage the access that individuals within the organisation have, as security starts from the inside. By making sure the IT team puts in place processes to monitor dormant accounts, manage privileged access accounts, and limit employee snooping, businesses put themselves in a much better position to avoid a breach and the lasting ramifications that follow one.

Stricter IT processes in place

It is imperative that organisations put into effect strict processes that IT teams can follow. An example of a process that gets overlooked by many organisations is the management of dormant accounts within a business. In fact, according to a recent study by One Identity, over 30 percent of businesses in Australia wait a year or more before checking for dormant accounts within the network. IT teams must be confident that accounts are correctly managed once an employee leaves the business or moves to a different position.

Best practices demand that access is removed from employee accounts that are no longer active. In the case where an employee changes roles, access needs to be altered to provide the new access and authorisation required for the new role and remove access that is no longer needed.

Oftentimes, the removal of no-longer-needed access is overlooked, or worse, role cloning exists. Role cloning occurs when a new employee is simply given the same access as an existing employee: any unnecessary access that employee holds is copied to the next one, and then on to the next, and so forth. When user accounts are not de-provisioned, they are open invitations for disgruntled employees, hackers or other threat actors to exploit the accounts and gain access to sensitive systems and information.
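As an added illustration (not code from the article or from One Identity), a small Python review of a constructed directory export that flags the three conditions this section describes: leavers whose accounts were never de-provisioned, accounts that have gone dormant well short of the year-long gap the survey reports, and movers who kept access from a previous role. The user names, roles, entitlements and dates are made up for the example.

```python
from datetime import date

# Constructed role baselines: the entitlements each role is supposed to carry.
ROLE_BASELINE = {
    "finance-analyst": {"ledger-read", "reports-read"},
    "it-admin": {"ledger-read", "ad-admin", "vpn-admin"},
}

# Constructed directory export: HR status, current role, access actually held,
# and last sign-in. carol moved from it-admin to finance-analyst but kept ad-admin.
ACCOUNTS = [
    {"user": "alice", "status": "active", "role": "finance-analyst",
     "entitlements": {"ledger-read", "reports-read"}, "last_login": date(2017, 12, 1)},
    {"user": "bob", "status": "left", "role": "it-admin",
     "entitlements": {"ledger-read", "ad-admin", "vpn-admin"}, "last_login": date(2017, 3, 2)},
    {"user": "carol", "status": "active", "role": "finance-analyst",
     "entitlements": {"ledger-read", "reports-read", "ad-admin"}, "last_login": date(2017, 11, 20)},
    {"user": "dave", "status": "active", "role": "finance-analyst",
     "entitlements": {"ledger-read", "reports-read"}, "last_login": date(2017, 6, 1)},
]

REVIEW_DATE = date(2017, 12, 13)  # date the review is run (constructed)


def review_accounts(accounts, baseline, today, dormant_days=90):
    """Return (user, finding, detail) tuples an IT team should act on.

    A 90-day dormancy window is an assumption for the example; the point is
    that it is far shorter than the year-plus gap many organisations leave.
    """
    findings = []
    for acct in accounts:
        user = acct["user"]
        # Leavers: the account should not exist at all, regardless of activity.
        if acct["status"] != "active":
            findings.append((user, "deprovision", "account still exists after employee left"))
            continue
        # Dormant: enabled but unused, a standing target for credential abuse.
        if (today - acct["last_login"]).days > dormant_days:
            findings.append((user, "dormant", f"no sign-in for more than {dormant_days} days"))
        # Role drift / cloning: access beyond what the current role justifies.
        excess = acct["entitlements"] - baseline[acct["role"]]
        if excess:
            findings.append((user, "excess-access", "outside role baseline: " + ", ".join(sorted(excess))))
    return findings


if __name__ == "__main__":
    for user, finding, detail in review_accounts(ACCOUNTS, ROLE_BASELINE, REVIEW_DATE):
        print(f"{user:6} {finding:14} {detail}")
```

Run against a real export, the baseline would come from the access model the business has agreed, and the "left" status from HR rather than from the directory itself.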

Privileged access accounts

Another issue that goes unnoticed by many IT teams is the management of privileged accounts. In the same One Identity survey, 80 percent of Australian IT professionals reported facing challenges when it comes to managing privileged passwords within their organisations. Businesses use many different methods to secure the credentials for these administrator accounts, and some still rely on paper logbooks as their means of storage.

Privileged accounts grant virtually unlimited access to nearly every component of a company's IT infrastructure, essentially handing over the keys to the company's most critical and sensitive systems and data. It is essential that organisations use tools and platforms to manage privileged access accounts. IT teams must also continuously monitor the network for irregular access attempts, and rotate privileged passwords regularly so that an old password that is later exposed cannot be used to breach the organisation.

Employee snooping

Another key factor in preventing breaches within an organisation is keeping a lid on some forms of curiosity. Research within Australia has revealed that over 80 percent of workers have tried to access information about the company they work for that is not necessary for their day-to-day work, with the majority of those being members of the IT team.

In fact, the information most sought after by staff members is company performance reports. Although employees may have no malicious intent in this snooping, business reports landing in the wrong hands could be detrimental not only to the organisation itself but to stakeholders outside the business. Even more alarming is that this problem occurs across businesses of all sizes, with smaller companies actually falling victim more often.

Controlling who has access to certain information is a necessity in today's business world. With the mandatory breach notification laws coming into effect early next year, businesses must be sure that their IT teams are in fact acting as true guardians of their organisation's data.

The pressure on these IT workers to deliver and not be held responsible for a data breach is high. To ensure they do not become the next target, measures need to be taken to make sure the correct IT processes are in place, privileged access accounts are managed correctly, and employees only access information that is relevant to their jobs. If businesses turn these issues around, they will have better luck in 2018.