Data Privacy amid rising Insider Threats
April 09, 2020 | Insider Threats, Data Privacy
One of the largest banks in India became an easy target of malicious insiders. A massive data breach yet again due to lack of confidential data security controls has brought to the forefront an urgent need for robust security solutions like Privileged Access Management.
A popular nationalized bank suffered a security breach causing a loss of INR 29 crore. The bank which has almost 200 branches in different cities across the country has revealed that almost 447 customers’ data was compromised. The organization has already lodged a complaint to the police against two of its current employees and one ex-employee.
While giving details of the misconduct, the Managing Director of the bank stated that the bank’s IT and vigilance department has already set up an enquiry committee and they are checking the detailed activities of the three suspects. According to the investigation report, the suspected officials stole the private confidential customer data from the Shared Network after gaining illegal access to the accounts of 447 customers. After preparing PDF files of the records, those malicious insiders emailed the data to themselves and shared among each other. Eventually, the Information Security Management System was compromised and the bank’s reputation was maligned. This incident prompted customers to withdraw their money from savings accounts or fixed deposits (even before maturity) in huge amounts causing the bank to lose almost INR 29 crores.
How does the problem aggravate?
The threat to privacy and data integrity is maximum in the BFSI industry. Banking and financial service organizations always face the challenge to keep a large swath of confidential information secure. The above incident, however, reemphasizes the fact that the banking industry will have to re-evaluate their IT infrastructure security and identify the areas which can create IT security vulnerability in future. The account details of the users not only consist of financial records, but also private information like PAN card no.; contact no.; email address, mailing address etc., which can be misused by malicious actors in many ways. If the suspect is an insider, then definitely it becomes challenging for the organization to prevent the unrecoverable damage.
The major challenge with corporate insiders is that they are privy to confidential information, corporate secrets and have privileged entitlements, in most cases. Social engineering is adopted in the case when corrupt employees do not have access to systems.
Adding to the woes, malicious insiders’ risk is difficult to figure out because the users are normally authorized to access critical data assets; in other words, they possess standing privileges to access databases and applications.
How to overcome the challenge?
Most of the time, organizations tend to ignore the behavioural aspects of malicious insiders. It is extremely crucial for the organizations to identify the suspicious behavioural aspects of the insiders. There are various behavioral indicators of malicious insiders which, if paid attention, can be detected early, easily and successfully. Few among them are:
- Obnoxious history of data theft, hacking, or security violations at former workplaces
- Cases of unprofessional behavior and personality conflicts with co-workers or reporting managers/ supervisors
- Cases of bullying or intimidation of other employees
- Misuse of travel, time, or expenses at former workplaces
Further, to mitigate IT threats, financial organizations should deploy security tools like Privileged Access Management. Indeed, the most effective way to overcome the malicious insider challenge is by building an effective risk control framework in the enterprise network, which is provided by ARCON Privileged Access Management (PAM). This solution can help organizations get rid of data breach worries originating from the insiders. The robust solution offers a host of functionalities that ensure restrictive end-user access to target systems.
ARCON | PAM ensures:
- The principle of least privileges
- Frequent privileged Password randomization
- Multi-factor Authentication process
- Incorporating granular level access to the privileged accounts
- Privileged user authorization
- Continuous monitoring of privileged sessions
The Bottom Line:
The sensitive and confidential information in BFSI is under grave risk unless there is a robust PAM solution deployed in the network. The chances of Malicious Insider threats can be reduced significantly with the help of a comprehensive ARCON | PAM solution.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Endpoint Privilege Management mitigates risks arising out of endpoints. ARCON | Secure Compliance Management is a vulnerability assessment tool.
Attribution and Disclaimer:
"Gartner, Zero Trust Is an Initial Step on the Roadmap to CARTA, Neil MacDonald, 10 December 2018"
"GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved."