Real Leaks Involve Privileged Staff – How to Prevent Senior Authorised Staff from Stealing Information?
- IT systems detected only 6% of fraud cases, with the majority found via audit processes.
- Over 70% of fraud cases involved insiders.
- Over 50% of those involved in fraud were VPs, managers or held supervisory roles.
- Stealing Personally Identifiable Information was the most common means of fraud.
The key reason for this failure is that protecting against insider threats is not an IT problem but a business problem. Solutions like Data Leakage Prevention (DLP) systems, which try to prevent unauthorised access to sensitive information, do not tackle the issue of fraud. What is required is an approach where the auditing of users with authorised access to sensitive information is central to the implementation of the system.
Why do DLP systems fail?
1. Information Owners (Heads of Department) are unable to directly control the information for which they are responsible
2. Existing security solutions only catch illegitimate access
3. Sensitive information cannot be shared with, or monitored by, IT staff
The Solution: Integrity Management System
e-Safe Compliance is the only system to protect against both insider and outsider threats:
- e-Safe Compliance ensures sensitive information is identified and protected by empowering the information owners themselves to classify sensitive information and create the necessary rule definitions, including document rights management. The creation of rules is audited centrally by the integrity department (or similar) to ensure coverage and avoid the creation of badly-defined rules.
- e-Safe Compliance monitors the usage and movement (file transfer, email, webpost, print, etc.) of sensitive information by all users.
- e-Safe Compliance presents sensitive information usage reports, with highlighted potential misuse, to the information owners, as they are the best people to verify whether there is a data leak or not. To ensure that the information owners are not themselves stealing sensitive information, the usage reports are centrally audited by the integrity department (or similar). This dual reporting is an essential requirement for adherence to the ISO 27001 standard.
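As an added illustration (not e-Safe Compliance's own code), the following Python model captures the checks and balances described above: owner-defined classification rules audited centrally, usage events checked against them, and the resulting incidents routed both to the information owner and to the integrity department. All users, documents and channels are constructed sample values.

```python
from collections import defaultdict

# Constructed sample data (hypothetical users, documents and channels).
# Each usage event: (user, document, channel), mirroring the movements listed above.
EVENTS = [
    ("alice", "customer_list.xlsx", "read"),
    ("bob",   "customer_list.xlsx", "email"),
    ("carol", "budget.docx",        "print"),
    ("dave",  "hr_records.csv",     "webpost"),
    ("alice", "customer_list.xlsx", "email"),   # owner moving her own document
]

# Rules created by the information owners: document -> (owner, permitted channels).
RULES = {
    "customer_list.xlsx": ("alice", {"read"}),
    "budget.docx":        ("carol", {"read", "print"}),
    "hr_records.csv":     ("erin",  {"read"}),
    "board_minutes.pdf":  ("",      set()),   # badly defined: no owner, no channel
}


def audit_rules(rules):
    """Central audit of owner-created rules: every sensitive document needs an
    owner and at least one permitted channel, otherwise nobody can legitimately
    use it and nobody is accountable for it."""
    return [doc for doc, (owner, allowed) in rules.items() if not owner or not allowed]


def flag_events(events, rules):
    """Potential misuse is any movement of a classified document over a channel
    its owner did not permit. Returns (user, doc, channel, owner) tuples."""
    flagged = []
    for user, doc, channel in events:
        if doc in rules:
            owner, allowed = rules[doc]
            if channel not in allowed:
                flagged.append((user, doc, channel, owner))
    return flagged


def build_reports(flagged):
    """Dual reporting: each owner sees incidents on their documents caused by
    other users; the integrity department sees every incident, including those
    where the actor is the owner, so no owner is the sole reviewer of themselves."""
    owner_reports = defaultdict(list)
    integrity_report = []
    for user, doc, channel, owner in flagged:
        integrity_report.append((user, doc, channel, "self" if user == owner else "other"))
        if user != owner:
            owner_reports[owner].append((user, doc, channel))
    return dict(owner_reports), integrity_report
```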
A high-level diagram of the checks and balances within e-Safe Compliance is shown in figure 1 below.
Figure 1 – Decentralized Information Monitoring System (Security is everyone’s responsibility)