Leakage of information containing personal data of customers or a company’s trade secrets can cause damage in the tens of millions of rubles. At the same time, most leaks occur intentionally: they are committed by current or dismissed employees. And, unfortunately, the number of such cases is growing rapidly. If in 2019 deliberate leaks accounted for more than 47% of the total number of leaks, then in 2020 this percentage exceeded 79%, according to InfoWatch.
Among the main reasons, experts name the transition to remote work, company reorganization processes, job cuts and a decrease in real incomes. In this regard, the business has a question: how to prevent financial losses and preserve the reputation? We understand in the article.
In 2020, a company operating a large hotel chain reported a leak of guests’ personal data. The leak point was two franchisee accounts that had the appropriate access.
When it was discovered, 5.2 million rows of a table containing information about the name, date of birth, privilege level of guests, and more had already been stolen. The management company suffered damages in the amount of $132 million in the form of a fine and tarnished its reputation.
What would help prevent the situation?
A timely analysis of the employees’ permissions would have prevented unauthorized access by the franchisee to guest data, and an additional measure in the form of delimiting the activity of accounts according to the staffing table, blocking employees from logging into the company’s systems during non-working hours, would have reduced the risk of such a leak to almost zero.
In 2021, there was an incident in one credit union that was not related to the leakage of information, but also brought great damage to the company. A former employee of the union, two days after her dismissal, went under her account to a network drive and deleted 21 GB of data, including a folder called “Do not delete”, which contained licenses and software for the organization’s cybersecurity.
The attacker was identified, but the archive for the last year of the credit union was destroyed. The fine was $10,000 and the offender faces 10 years in prison.
What would help prevent the situation?
An automatic blocking of the accounts of the terminated employee could have prevented the situation.
In 2020, a former employee of the bank’s call center, having logged into the cloud system in which the company worked with customer questionnaires under his account, downloaded more than 150,000 questionnaires of potential borrowers collected during an advertising campaign.
At the same time, access to the main systems for the employee was blocked, but for some reason remained to the cloud. Names, phone numbers, passport details, addresses of residence, data on marital status, full names and contacts of close relatives, places of work, positions and current incomes were stolen.
What would help prevent the situation?
Automatic blocking of the accounts of the terminated employee could have prevented this.
In 2020, one of the leading engineers of the American company, having worked in it for more than 20 years, quit. At the same time, access to the internal knowledge base for some reason remained active for him.
A couple of weeks after leaving, he got a job at a start-up that developed chips for network devices, and, according to official structures, passed on company information related to test plans and technical specifications for a certain family of chips to them. Now the engineer is facing jail time.
What would help prevent the situation?
Automatic blocking of the accounts of the dismissed employee could prevent the leakage of trade secrets.
A breach of known software through the supply chain and a compromised password has taken a toll on nine federal agencies and more than 100 companies.
What would help prevent the situation?
The use of software to enforce password policy rules could save us from this risk.
The incidents described above occurred, most likely, due to a banal lack of time and the lack of a real opportunity to manually control the rights of tens of thousands of employees and changes in their role models on a daily basis.
Therefore, it is very important for managers of companies with more than a thousand employees to rely not only on internal rules and vigilance of information security departments, but also to resort to the help of specialized software products, for example, IDM (Identity Management) systems.
One such solution is Ankey IDM . This is a software product for centralized management of user accounts and their powers in corporate information systems, which includes the best IGA (Identity Governance and Administration) solutions.
The product is a domestic development and is suitable for organizations working with Russian software. AnkeyIDM allows you to:Minimize the risk that a terminated employee will retain access to work accounts and download or use commercial information for personal purposes.Prevent an employee who has been working in the company for a long time from accumulating excessive access rights.
Simplify and streamline the process of obtaining accounts for new employees. Facilitate the work of system administrators. Comply with import substitution requirements and more. Transfer the tasks of administering accounts and related policies to a single window. Systematize the work of IT departments, information security and business users with rights, powers and functional roles in the organizational structure. More information about Ankey IDM features can be found on the website . The negative experience of dozens of companies shows that today it is impossible to ignore the risks of information leakage, so all the necessary measures to avoid this should be taken in advance.
1 comment
thanks