Insider attacks are becoming an increasing threat worldwide. For many businesses it’s not a question of “if, but when” a disgruntled or cash-motivated employee will attempt to disrupt the system or steal proprietary data, either to use it to profit from it themselves (e.g. stealing a client data base and then starting their own business based on contacting those clients) or sell information on the black market.

The problem is that the applications used to keep outsiders from attacking computers, such as firewalls and security software, have made it easier for insider threats. The insider threat is always there because people on the inside are aware of what steps a company has taken to secure the network and the various applications used.

Ways to keep insider attacks from happening include least-privilege access and two-factor authentication.

1. The Law of Least Privilege: The law of least privilege allows people access only to those applications needed and only under the context in which they need it. The assumption is that any other access is for insider security risks.

2. Two-Factor Authentication: An authentication factor is a piece of information and process used to verify a person’s identity. Two-factor authentication (T-FA) is a system where two different factors are used to authenticate to be even surer that the person using the system is truly who they say they are. Using more than one factor is sometimes called strong authentication.

Concerned about your company’s Internet security?