Naviant, Inc. Partners with Reveille Software to Offer ECM Monitoring Solutions

  • Products
  • Why Reveille
  • Resources
  • About
  • Pricing
  • Home
  • Products
    • Reveille Products
      • The Reveille Platform
      • Reveille Connectors
      • Reveille User Analytics
    • ECM Supported Platforms
      • OpenText
        • Reveille for OpenText Documentum
        • Reveille for OpenText Extended ECM
        • Reveille for OpenText InfoArchive
        • Reveille for OpenText Intelligent Capture
      • IBM
        • Reveille for IBM FileNet
        • Reveille for IBM Datacap
        • Reveille for IBM Content Manager OnDemand
      • Hyland
        • Reveille for Hyland Alfresco
        • Reveille for Hyland OnBase
        • Reveille for Hyland RPA
      • Kofax
        • Reveille for Kofax Capture
        • Reveille for Kofax TotalAgility
        • Reveille for Kofax RPA
      • Microsoft
      • Box
    • Supported Cloud Environments
      • AWS
      • Microsoft Azure
      • Google Cloud Platform
      • On-prem, Hybrid, and Private Clouds
  • Why Reveille…
    • Use Cases
      • Enterprise Content Management Capture
      • Enterprise Content Management Repository
    • Industries
      • Financial Services
      • Government & Education
      • Healthcare & Life Sciences
      • Manufacturing & Logistics
      • Success Stories
    • Customers and Partners
      • Why Customers Choose Reveille
      • Why Managed Service Providers Choose Reveille
      • Reveille Partners
  • Resources for Reveille
    • Demos
    • Webinars
    • Technical Overviews
    • Blog
    • Reveille.Enable
  • About Reveille Software
    • Overview
    • Contact Us
  • Pricing
  • Request Demo
Request Demo

3 Ways To Protect Against Insider Threats

by Reveille | Apr 30, 2020 | Blog | 0 comments

3 Ways To Protect Against Insider Threats

 

97% Of IT Leaders Fear Company Data Will Be Exposed By Their Own Employees

When people think about data leaks, they tend to assume the cause of the threat came from outside the company. In reality, there is just as much danger, if not more so, of a data breach happening from within.

A recent study from Egress’s Insider Data Breach Survey 2020 found that 97% of IT leaders are actively concerned about an insider data breach.

Why? Because of statistics like these, according to Information Age:

  • “78% of IT leaders surveyed said that employees have put data at risk accidentally within the last year.”
  • “75% say that intentional compromise of data security has occurred.”
  • “24% said lack of employee security training was to blame; 21% said insider breaches were caused by employees rushing tasks.; 31% said employees had sent information to the wrong person.”

Insider data breaches are a much bigger problem than many companies realize

Just look at what Elon Musk had to deal with earlier this year with Tesla. According to CNBC, Musk “had learned an employee of the company conducted quite extensive and damaging sabotage to its operations,” ultimately exporting highly sensitive data to unknown third parties.

This has been a growing problem in the cybersecurity world, the threat of insider leaks. Even back in 2016, Harvard Business Review was reporting that more than 60% of all data attacks were carried out by insiders. When something like this happens, the effects can be catastrophic, leading to any (or all) of the following:

  • Damaged company reputation
  • Regulatory fines
  • Leaked trade secrets (as seen in the case between Uber and Google over self-driving technology)
  • Compromise of user data
  • Ruined customer trust
  • Financial loss

For context, an insider-related incident can cost a company upwards of $500,000.

In fact, according to the Ponemon Institute 2018 study on insider threats, these incidents can cost a company up to $8.76 million per year, and in North America, the cost is even higher: $11.1 million per year.

So, how do you defend against insider threats?

1. You need to focus on the “crown jewels” of your organization, and create a hierarchy for content and data access to different levels of employees.

The simplest form of data protection companies use is simply giving access to certain folders or files to some employees, and restricting access to others.

But especially when you’re dealing with highly sensitive information, this tactic is pretty entry-level. What you really need is a way of measuring user behavior, and gauging employee behaviors and activities to determine whether certain data needs to be immediately shut down so that you can conduct an internal investigation. This is a big part of what we do at Reveille for key platforms from Box, IBM, Microsoft, and so on. We provide tools to bring a completely different level of transparency to layers and layers of content management and access within the organization, with software solutions that learn behavioral patterns over time and can trigger warning systems as soon as behaviors inside the company begin to look suspicious.

2. Collaboration between employees, contractors, partners, and vendors is only increasing, so you need to have a clear sense of who needs access to what data, and why.

Data security begins as early as the interview process.  With every employee, every potential vendor, you need to have a firm grasp over what levels of data they are going to need in order to do their job effectively—without giving them exposure to more than what is necessary.

The second step then is to add layers of protection, and ways to track the nature of their content transactions within the company—and measure those transactions against any unusual behavior outside the norm. The goal isn’t to have a police state, but to have processes in place that can catch early signals of malicious activity before they become a serious problem.

3. There are two types of insider threats: malicious and accidental. The former requires measurement and tracking, the latter requires policies established within the company.

Accidental data leaks would be employees mentioning something they shouldn’t on social media, shipping out confidential information accidentally in emails, or even just putting their company’s data at risk by misplacing their phones or computers. These kinds of things happen all the time.

This is why training is such a crucial part of internal data protection. For the last 25 years of bringing content management systems and behavioral insight solutions to market, I can tell you that companies not having proper training or policies in place is one of the foundational errors that leads to data leaks. However, once you have these policies integrated into your company culture, you now have a key input to measure against behavioral baselines—which makes your tracking tools that much more effective in being able to spot malicious behavior.

Understand User Behavior in Context

Learn how Reveille’s solutions help understand user behavior in context to detect suspicious behavior and ensure your information is protected from insider threats.

 

 
Learn more

Submit a Comment Cancel reply

Your email address will not be published. Required fields are marked *



Reveille Software
300 Colonial Center Pkwy
Suite 100
Roswell, GA 30076


HQ
+ 1 877 897 2579 | EXT 1


London Office

+44 (0) 7879 431194



Information / Sales / Support
info@reveillesoftware.com
sales@reveillesoftware.com
support@reveillesoftware.com
  • About Reveille Software
  • News
  • Pricing
  • Contact Us
  • Reveille Partners
  • Privacy Policy
  • Resources for Reveille
  • Reveille Demos
  • Reveille Webinars
  • Technical Overviews
  • Training Directly From Reveille
  • Reveille Products
  • The Reveille Platform
  • Reveille User Analytics
  • OpenText
  • IBM
  • Hyland
  • AWS
  • Kofax
  • Box
  • Microsoft Azure
  • Google Cloud Platform
  • On-prem, Hybrid, and Private Clouds
  • Reveille Connectors
  • Reveille for Microsoft
  • Why is Reveille…
  • ECM Capture
  • ECM Repository
  • Enterprise Content Management Users
  • Financial Services
  • Government & Education
  • Healthcare & Life Sciences
  • Manufacturing & Logistics
  • Retail
  • Success Stories
  • Why Customers Choose Reveille
  • Why Managed Service Providers Choose Reveille
  • Reveille Partners

Privacy Policy

© 2023 Reveille
  • Follow
  • Follow
  • Reveille Products
  • PReveille Platform
  • PReveille User Analytics
  • PReveille Connectors
  • Supported Platforms
  • OpenText
  • Documentum
  • Intelligent Capture
  • Extended ECM
  • InfoArchive
  • IBM
  • PFileNet
  • PCMOD
  • PDatacap

  • Hyland
  • POnBase
  • PAlfresco
  • PHyland RPA

  • Kofax
  • PTotalAgility
  • PKofax Capture
  • PKofax RPA
  • Microsoft
  • Box
  • Supported Cloud Environments
  • PAWS
  • PMicrosoft Azure
  • PGoogle Cloud Platform
  • POn-prem, hybrid, private
  • Use Cases
  • ECM Capture
  • ECM Repository
  • ECM Users
  • Industries
  • PFinancial Services
  • PHealthcare / Life Sciences
  • PGovernment
  • PManufacturing & Logistics
  • PSuccess Stories
  • Customers & Partners
  • PWhy Customers use Reveille
  • PWhy MSP's use Reveille
  • PReveille Partners
  • Reveille Resources
  • PDemos
  • PTechnical Overviews
  • PBlog
  • PWebinars
  • PReveille.Enable
  • About Us
  • PAbout Reveille
  • PNews
  • PContact Us
  • PReveille Partners