Data protection from Internal Information Security Threats

Insiders are by far the greatest cause of information security breaches.  A data breach can happen, whether malicious or accidental, and breaches are devastating to companies, both financially and to their investor/client relationships.

As the WikiLeaks scandal has proven, internal data security threats are becoming the greatest risk to a company’s valuable, and highly-confidential, data. Most businesses are diligent about protecting their data from external threats such as viruses, malware and hackers, yet these same businesses have been largely ignoring data and productivity loss that comes from within their organization.

Your employees are often the source of the most serious challenges to protecting your confidential data

  • 70% of security breaches come from inside the company
  • A recent study found that 59% of ex-employees admitted to stealing confidential company information
  • Laptops, iPads, and smartphones used by mobile workers are easy to steal or misplace
  • The 2009 Computer Security Institute Computer Crime and Security Survey found that 42% of respondents had lost a laptop or other portable device to a thief in the last year
  • 12,000 laptops are lost each week in American airports (Ponemon Institute study)
  • Data loss is expensive, costing an estimated average of $200 per record breached (2009 Ponemon Institute study)
  • Employees spend 20% of their work time on social networking websites ( survey)

The Online Trust Alliance (OTA), a government agency charged with aiding businesses, non-profits and government agencies in creating data security incident plans and providing recommendations including best security practices, cited reports of more than 400 computer security breaches exposing more than 26 million personal records in 2010. According to the study, 96 percent of online breaches were preventable using internal information security controls.

Internal threats can pose a far greater risk to your organization than those originating from the outside (spam, viruses, network attacks).  Additionally, today’s mobile workforce demands instant access to corporate assets and confidential data from remote locations. With the advent of the mobile workforce, endpoint security has become a necessity. Yet most businesses do not have adequate protection for internal threats originating from the endpoint.

A data loss prevention (DLP) strategy is mission-critical for companies in highly-regulated industries such as financial services. However, most hedge funds and financial service firms are not taking the proper measures to protect their information from the inside out. Information security breaches of this kind can have a damaging effect on these funds and their investor relationships — relationships that are essential to fund raising.

Unlike firewalls, intrusion detection systems, filters, and UTMs that are used at the network perimeter, internal security protection controls the problem at its source — the endpoint.  Preemptive data loss prevention keeps your business ahead of the data protection game by helping you identify and protect sensitive information, including information being accessed from remote locations by mobile workers.

Internal threat prevention addresses specific pain points, including theft of customer information, surfing the net, stolen laptops, compliance regulations, remote users, and employee productivity, by providing a very specific strategy for dealing with data loss prevention (DLP), employee monitoring, and laptop recovery.

ACE IT Solutions offers a simple, complete, and cost-effective solution for DLP that detects and prevent threats to your company’s confidential data that come from inside your organization. It is effective regardless of where your critical data or your employees reside.

Learn more
Read our whitepaper on Internal Data Loss Prevention and our approach to data protection from the inside out. Click here to download.

Get More Information

Use the form below to get more information about ACE IT Services and what we can do for you.

  • This field is for validation purposes and should be left unchanged.