Threat: Ask a random stranger to name the most dangerous threats out there and they’ll probably point to hackers and malicious insiders. Ask an IT professional in the federal government, though, and they’re more likely to finger careless insiders who expose sensitive data without even realizing it.
In fact, 56 percent of federal government IT personnel surveyed recently by SolarWinds called untrained insiders a major threat. By contrast, 48 percent said the same of the “general hacking community” and just 36 percent named malicious insiders.
Though federal agencies aren’t necessarily representative of end user organizations at large, Brown notes, their experiences aren’t wildly different from prevailing norms either. You don’t need a government ID to use a risky public Wi-Fi service somewhere, download a virus onto your laptop, and then bring it back inside the perimeter with you when you return to the office.
Countermeasure: According to Brown, behavior analytics software can help mitigate careless insider threats by rapidly identifying unusual events, like users probing file shares they’ve never accessed before or suddenly uploading data to an IP address in China. Access rights management (ARM) software that limits how much data compromised users can jeopardize is another essential safeguard, he continues, especially in an age of anytime, anywhere mobility.
“If you’re going to allow access from anywhere, you don’t really have a perimeter, so access control becomes extremely important,” Brown says. That’s exactly why SolarWinds released SolarWinds ARM, an access rights management system, late last year, he notes.
More Galleries like This
CharTec, CloudJumper, Connect Booster, EventTracker, Liongard, and newcomer RocketCyber all used the recently concluded conference as a launching pad for news about new solutions and services.
An updated security awareness training solution from Webroot, an enhanced SD-WAN solution from Citrix, and a forthcoming mobile DNS filtering product from WatchGuard are our final trio of product-related stories from last week’s giant security confab.
Experts from SolarWinds, Trend Micro, Vade Secure, WatchGuard Technologies, and Webroot discuss five things worth worrying about online, and suggested countermeasures for mitigating them.
Held last week in Los Angeles, the first of the distributor’s live events for 2018 showcased mobility, security, IoT, and vertical industry solutions, among other opportunities, as hot markets for SMB resellers in 2018
If you simply can’t get enough vendor news from this year’s CompTIA ChannelCon event you’re in luck. We’ve got one last round of updates for you from ESET, ID Agent, Intermedia, and Barracuda MSP.